Fedora 20 : php-5.5.12-1.fc20 (2014-5960)

high Nessus Plugin ID 73880
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Fedora host is missing a security update.

Description

Notice: to fix CVE-2014-0185 this version change default php-fpm unix domain socket permission to 660 (instead of 666). Check your configuration if php-fpm use UDS (default configuration use a network socket).

Upstream Changelog: 01 May 2014, PHP 5.5.12 Core :

- Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike)

- Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace UNIX sockets). (Mike)

- Fixed bug #66182 (exit in stream filter produces segfault). (Mike)

- Fixed bug #66736 (fpassthru broken). (Mike)

- Fixed bug #67024 (getimagesize should recognize BMP files with negative height). (Gabor Buella)

- Fixed bug #67043 (substr_compare broke by previous change) (Tjerk)

cURL :

- Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent). (Freek Lijten)

Date :

- Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is supplied). (Boro Sitnikovski)

Embed :

- Fixed bug #65715 (php5embed.lib isn't provided anymore).
(Anatol).

Fileinfo :

- Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian). (Remi)

FPM :

- Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf).

- Fixed bug #67060 (possible privilege escalation due to insecure default configuration). (CVE-2014-0185) (christian at hoffie dot info)

LDAP :

- Fixed issue with null bytes in LDAP bindings. (Matthew Daley)

mysqli :

- Fixed problem in mysqli_commit()/mysqli_rollback() with second parameter (extra comma) and third parameters (lack of escaping). (Andrey)

OpenSSL :

- Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma)

- Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma)

SimpleXML :

- Fixed bug #66084 (simplexml_load_string() mangles empty node name) (Anatol)

SQLite :

- Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3).
(Anatol)

XSL :

- Fixed bug #53965 (<xsl:include> cannot find files with relative paths when loaded with 'file://'). (Anatol)

Apache2 Handler SAPI :

- Fixed Apache log issue caused by APR's lack of support for %zu (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120 ). (Jeff Trawick)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1092815

https://bz.apache.org/bugzilla/show_bug.cgi?id=56120

http://www.nessus.org/u?d26f6ef2

Plugin Details

Severity: High

ID: 73880

File Name: fedora_2014-5960.nasl

Version: 1.9

Type: local

Agent: unix

Published: 5/6/2014

Updated: 1/11/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:20

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/3/2014

Reference Information

CVE: CVE-2014-0185

BID: 67118

FEDORA: 2014-5960