home *** CD-ROM | disk | FTP | other *** search

---

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-068.nasl

< prev

next >

Wrap

Text File  |  2005-01-14  |  3KB  |  123 lines

---

1. #
2. # (C) Tenable Network Security
3. #
4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:068
5. #
6.  
7.  
8. if ( ! defined_func("bn_random") ) exit(0);
9. if(description)
10. {
11.  script_id(14167);
12.  script_version ("$Revision: 1.2 $");
13.  script_cve_id("CAN-2004-0594", "CAN-2004-0595");
14.  
15.  name["english"] = "MDKSA-2004:068: php";
16.  
17.  script_name(english:name["english"]);
18.  
19.  desc["english"] = "
20. The remote host is missing the patch for the advisory MDKSA-2004:068 (php).
21.  
22.  
23. Stefan Esser discovered a remotely exploitable vulnerability in PHP where a
24. remote attacker could trigger a memory_limit request termination in places where
25. an interruption is unsafe. This could be used to execute arbitrary code.
26. As well, Stefan Esser also found a vulnerability in the handling of allowed tags
27. within PHP's strip_tags() function. This could lead to a number of XSS issues on
28. sites that rely on strip_tags(); however, this only seems to affect the Internet
29. Explorer and Safari browsers.
30. The updated packages have been patched to correct the problem and all users are
31. encouraged to upgrade immediately.
32.  
33.  
34. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:068
35. Risk factor : High";
36.  
37.  
38.  
39.  script_description(english:desc["english"]);
40.  
41.  summary["english"] = "Check for the version of the php package";
42.  script_summary(english:summary["english"]);
43.  
44.  script_category(ACT_GATHER_INFO);
45.  
46.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
47.  family["english"] = "Mandrake Local Security Checks";
48.  script_family(english:family["english"]);
49.  
50.  script_dependencies("ssh_get_info.nasl");
51.  script_require_keys("Host/Mandrake/rpm-list");
52.  exit(0);
53. }
54.  
55. include("rpm.inc");
56. if ( rpm_check( reference:"libphp_common432-4.3.4-4.1.100mdk", release:"MDK10.0", yank:"mdk") )
57. {
58.  security_hole(0);
59.  exit(0);
60. }
61. if ( rpm_check( reference:"php-cgi-4.3.4-4.1.100mdk", release:"MDK10.0", yank:"mdk") )
62. {
63.  security_hole(0);
64.  exit(0);
65. }
66. if ( rpm_check( reference:"php-cli-4.3.4-4.1.100mdk", release:"MDK10.0", yank:"mdk") )
67. {
68.  security_hole(0);
69.  exit(0);
70. }
71. if ( rpm_check( reference:"php432-devel-4.3.4-4.1.100mdk", release:"MDK10.0", yank:"mdk") )
72. {
73.  security_hole(0);
74.  exit(0);
75. }
76. if ( rpm_check( reference:"libphp_common430-430-11.2.91mdk", release:"MDK9.1", yank:"mdk") )
77. {
78.  security_hole(0);
79.  exit(0);
80. }
81. if ( rpm_check( reference:"php-cgi-4.3.1-11.2.91mdk", release:"MDK9.1", yank:"mdk") )
82. {
83.  security_hole(0);
84.  exit(0);
85. }
86. if ( rpm_check( reference:"php-cli-4.3.1-11.2.91mdk", release:"MDK9.1", yank:"mdk") )
87. {
88.  security_hole(0);
89.  exit(0);
90. }
91. if ( rpm_check( reference:"php430-devel-430-11.2.91mdk", release:"MDK9.1", yank:"mdk") )
92. {
93.  security_hole(0);
94.  exit(0);
95. }
96. if ( rpm_check( reference:"libphp_common432-4.3.3-2.1.92mdk", release:"MDK9.2", yank:"mdk") )
97. {
98.  security_hole(0);
99.  exit(0);
100. }
101. if ( rpm_check( reference:"php-cgi-4.3.3-2.1.92mdk", release:"MDK9.2", yank:"mdk") )
102. {
103.  security_hole(0);
104.  exit(0);
105. }
106. if ( rpm_check( reference:"php-cli-4.3.3-2.1.92mdk", release:"MDK9.2", yank:"mdk") )
107. {
108.  security_hole(0);
109.  exit(0);
110. }
111. if ( rpm_check( reference:"php432-devel-4.3.3-2.1.92mdk", release:"MDK9.2", yank:"mdk") )
112. {
113.  security_hole(0);
114.  exit(0);
115. }
116. if (rpm_exists(rpm:"php-", release:"MDK10.0")
117.  || rpm_exists(rpm:"php-", release:"MDK9.1")
118.  || rpm_exists(rpm:"php-", release:"MDK9.2") )
119. {
120.  set_kb_item(name:"CAN-2004-0594", value:TRUE);
121.  set_kb_item(name:"CAN-2004-0595", value:TRUE);
122. }
123.