Debian DSA-1572-1 : php5 - several vulnerabilities

Critical Nessus Plugin ID 32306

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7


The remote Debian host is missing a security-related update.


Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2007-3806 The glob function allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter.

- CVE-2008-1384 Integer overflow allows context-dependent attackers to cause a denial of service and possibly have other impact via a printf format parameter with a large width specifier.

- CVE-2008-2050 Stack-based buffer overflow in the FastCGI SAPI.

- CVE-2008-2051 The escapeshellcmd API function could be attacked via incomplete multibyte chars.


Upgrade the php5 package.

For the stable distribution (etch), these problems have been fixed in version 5.2.0-8+etch11.

See Also

Plugin Details

Severity: Critical

ID: 32306

File Name: debian_DSA-1572.nasl

Version: 1.23

Type: local

Agent: unix

Published: 2008/05/13

Updated: 2021/01/04

Dependencies: 12634

Risk Information

Risk Factor: Critical

VPR Score: 6.7

CVSS v2.0

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:php5, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/05/11

Reference Information

CVE: CVE-2007-3806, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051

BID: 25498, 29009

DSA: 1572

CWE: 20, 119, 189, 399