Detections
Analytics

MiracleLinux 7 : rh-php70-php-7.0.27-1.el7 (AXSA:2018-3021:01)

critical Nessus Plugin ID 289151

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3021:01 advisory.

 * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field (CVE-2016-7412)
 * php: Use after free in wddx_deserialize (CVE-2016-7413)
 * php: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile (CVE-2016-7414)
 * php: Stack based buffer overflow in msgfmt_format_message (CVE-2016-7416)
 * php: Missing type check when unserializing SplArray (CVE-2016-7417)
 * php: Null pointer dereference in php_wddx_push_element (CVE-2016-7418)
 * php: Use-after-free vulnerability when resizing the 'properties' hash table of a serialized object (CVE-2016-7479)
 * php: Invalid read when wddx decodes empty boolean element (CVE-2016-9935)
 * php: Use After Free in unserialize() (CVE-2016-9936)
 * php: Wrong calculation in exif_convert_any_to_int function (CVE-2016-10158)
 * php: Integer overflow in phar_parse_pharfile (CVE-2016-10159)
 * php: Off-by-one error in phar_parse_pharfile when loading crafted phar archive (CVE-2016-10160)
 * php: Out-of-bounds heap read on unserialize in finish_nested_data() (CVE-2016-10161)
 * php: Null pointer dereference when unserializing PHP object (CVE-2016-10162)
 * gd: DoS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
 * gd: Integer overflow in gd_io.c (CVE-2016-10168)
 * php: Use of uninitialized memory in unserialize() (CVE-2017-5340)
 * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890)
 * oniguruma: Out-of-bounds stack read in match_at() during regular expression searching (CVE-2017-9224)
 * oniguruma: Heap buffer overflow in next_state_val() during regular expression compilation (CVE-2017-9226)
 * oniguruma: Out-of-bounds stack read in mbc_enc_len() during regular expression searching (CVE-2017-9227)
 * oniguruma: Out-of-bounds heap write in bitset_set_range() (CVE-2017-9228)
 * oniguruma: Invalid pointer dereference in left_adjust_char_head() (CVE-2017-9229)
 * php: Incorrect WDDX deserialization of boolean parameters leads to DoS (CVE-2017-11143)
 * php: Incorrect return value check of OpenSSL sealing function leads to crash (CVE-2017-11144)
 * php: Out-of-bounds read in phar_parse_pharfile (CVE-2017-11147)
 * php: Stack-based buffer over-read in msgfmt_parse_message function (CVE-2017-11362)
 * php: Stack based 1-byte buffer over-write in zend_ini_do_op() function Zend/zend_ini_parser.c (CVE-2017-11628)
 * php: heap use after free in ext/standard/var_unserializer.re (CVE-2017-12932)
 * php: heap use after free in ext/standard/var_unserializer.re (CVE-2017-12934)
 * php: reflected XSS in .phar 404 page (CVE-2018-5712)
 * php, gd: Stack overflow in gdImageFillToBorder on truecolor images (CVE-2016-9933)
 * php: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow (CVE-2016-9934)
 * php: wddx_deserialize() heap out-of-bound read via php_parse_date() (CVE-2017-11145)
 * php: buffer over-read in finish_nested_data function (CVE-2017-12933)
 * php: Out-of-bound read in timelib_meridian() (CVE-2017-16642)
 * php: Denial of Service (DoS) via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gd_gif_in.c (CVE-2018-5711)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/9465

Plugin Details

Severity: Critical

ID: 289151

File Name: miracle_linux_AXSA-2018-3021.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-9228

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:rh-php70-php-opcache, p-cpe:/a:miracle:linux:rh-php70-php-gd, p-cpe:/a:miracle:linux:rh-php70-php-intl, p-cpe:/a:miracle:linux:rh-php70-php-dba, p-cpe:/a:miracle:linux:rh-php70-php-snmp, p-cpe:/a:miracle:linux:rh-php70-php-fpm, p-cpe:/a:miracle:linux:rh-php70-php-pdo, p-cpe:/a:miracle:linux:rh-php70-php-zip, p-cpe:/a:miracle:linux:rh-php70-php-json, p-cpe:/a:miracle:linux:rh-php70-php-enchant, p-cpe:/a:miracle:linux:rh-php70-php-ldap, p-cpe:/a:miracle:linux:rh-php70-php-devel, p-cpe:/a:miracle:linux:rh-php70-php-pspell, p-cpe:/a:miracle:linux:rh-php70-php-recode, cpe:/o:miracle:linux:7, p-cpe:/a:miracle:linux:rh-php70-php, p-cpe:/a:miracle:linux:rh-php70-php-soap, p-cpe:/a:miracle:linux:rh-php70-php-bcmath, p-cpe:/a:miracle:linux:rh-php70-php-mysqlnd, p-cpe:/a:miracle:linux:rh-php70-php-xmlrpc, p-cpe:/a:miracle:linux:rh-php70-php-embedded, p-cpe:/a:miracle:linux:rh-php70-php-process, p-cpe:/a:miracle:linux:rh-php70-php-xml, p-cpe:/a:miracle:linux:rh-php70-php-dbg, p-cpe:/a:miracle:linux:rh-php70-php-odbc, p-cpe:/a:miracle:linux:rh-php70-php-mbstring, p-cpe:/a:miracle:linux:rh-php70-php-pgsql, p-cpe:/a:miracle:linux:rh-php70-php-gmp, p-cpe:/a:miracle:linux:rh-php70-php-common, p-cpe:/a:miracle:linux:rh-php70-php-cli

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/4/2018

Vulnerability Publication Date: 8/16/2016

Reference Information

CVE: CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-10162, CVE-2016-10167, CVE-2016-10168, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7479, CVE-2016-9933, CVE-2016-9934, CVE-2016-9935, CVE-2016-9936, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11362, CVE-2017-11628, CVE-2017-12932, CVE-2017-12933, CVE-2017-12934, CVE-2017-16642, CVE-2017-5340, CVE-2017-7890, CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229, CVE-2018-5711, CVE-2018-5712