FreeBSD : php -- multiple vulnerabilities (6b771fe2-b84e-11e5-92f9-485d605f4717)

High Nessus Plugin ID 87854


The remote FreeBSD host is missing one or more security-related updates.


PHP reports :

- Core :

- Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).

- GD :

- Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds).

- SOAP :

- Fixed bug #70900 (SoapClient systematic out of memory error).

- Wddx

- Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).

- Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability).


- Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 87854

File Name: freebsd_pkg_6b771fe2b84e11e592f9485d605f4717.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2016/01/12

Modified: 2016/01/12

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:php55, p-cpe:/a:freebsd:freebsd:php55-gd, p-cpe:/a:freebsd:freebsd:php55-wddx, p-cpe:/a:freebsd:freebsd:php55-xmlrpc, p-cpe:/a:freebsd:freebsd:php56, p-cpe:/a:freebsd:freebsd:php56-gd, p-cpe:/a:freebsd:freebsd:php56-soap, p-cpe:/a:freebsd:freebsd:php56-wddx, p-cpe:/a:freebsd:freebsd:php56-xmlrpc, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2016/01/11

Vulnerability Publication Date: 2016/01/07