var-201607-0657
Vulnerability from variot

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts. This vulnerability "httpoxy" Is called a problem. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. There is a security vulnerability in PHP 7.0.8 and earlier versions, the vulnerability stems from the fact that the program does not resolve namespace conflicts in RFC 3875 mode. The program does not properly handle data from untrusted client applications in the HTTP_PROXY environment variable. A remote attacker uses the specially crafted Proxy header message in the HTTP request to exploit this vulnerability to implement a man-in-the-middle attack, directing the server to send a connection to any host.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.6.24

For the stable distribution (jessie), these problems have been fixed in version 5.6.24+dfsg-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 7.0.9-1 of the php7.0 source package.

We recommend that you upgrade your php5 packages.

Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/php-5.6.24-i586-1_slack14.2.txz: Upgraded. For more information, see: http://php.net/ChangeLog-5.php#5.6.24 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207 ( Security fix ) +--------------------------+

Where to find the new packages: +-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.24-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.24-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.24-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.24-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.24-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.24-x86_64-1_slack14.2.txz

Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.24-i586-1.txz

Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.24-x86_64-1.txz

MD5 signatures: +-------------+

Slackware 14.0 package: 712cc177c9ac10f3d58e871ff27260dc php-5.6.24-i486-1_slack14.0.txz

Slackware x86_64 14.0 package: 47f6ad4a81517f5b2959abc73475742b php-5.6.24-x86_64-1_slack14.0.txz

Slackware 14.1 package: aea6a8869946186781e55c5ecec952b0 php-5.6.24-i486-1_slack14.1.txz

Slackware x86_64 14.1 package: ab16db742762605b9b219b37cdd7e8db php-5.6.24-x86_64-1_slack14.1.txz

Slackware 14.2 package: c88a731667e741443712267d9b30286a php-5.6.24-i586-1_slack14.2.txz

Slackware x86_64 14.2 package: ed5b31c94e2fb91f0e6c40051f51da1c php-5.6.24-x86_64-1_slack14.2.txz

Slackware -current package: c25a85fece34101d35b8785022cef94d n/php-5.6.24-i586-1.txz

Slackware x86_64 -current package: 17f8886fc0901cea6d593170ea00fe7b n/php-5.6.24-x86_64-1.txz

Installation instructions: +------------------------+

Upgrade the package as root:

upgradepkg php-5.6.24-i586-1_slack14.2.txz

Then, restart Apache httpd:

/etc/rc.d/rc.httpd stop

/etc/rc.d/rc.httpd start

+-----+

Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Moderate: php security and bug fix update Advisory ID: RHSA-2016:1613-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1613.html Issue date: 2016-08-11 CVE Names: CVE-2016-5385 =====================================================================

  1. Summary:

An update for php is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. (CVE-2016-5385)

Red Hat would like to thank Scott Geary (VendHQ) for reporting this issue.

Bug Fix(es):

  • Previously, an incorrect logic in the SAPI header callback routine caused that the callback counter was not incremented. Consequently, when a script included a header callback, it could terminate unexpectedly with a segmentation fault. With this update, the callback counter is properly managed, and scripts with a header callback implementation work as expected. (BZ#1346758)

  • Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1346758 - Segmentation fault while header_register_callback 1353794 - CVE-2016-5385 PHP: sets environmental variable based on user supplied Proxy request header

  1. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source: php-5.4.16-36.3.el7_2.src.rpm

x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source: php-5.4.16-36.3.el7_2.src.rpm

x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source: php-5.4.16-36.3.el7_2.src.rpm

ppc64: php-5.4.16-36.3.el7_2.ppc64.rpm php-cli-5.4.16-36.3.el7_2.ppc64.rpm php-common-5.4.16-36.3.el7_2.ppc64.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm php-gd-5.4.16-36.3.el7_2.ppc64.rpm php-ldap-5.4.16-36.3.el7_2.ppc64.rpm php-mysql-5.4.16-36.3.el7_2.ppc64.rpm php-odbc-5.4.16-36.3.el7_2.ppc64.rpm php-pdo-5.4.16-36.3.el7_2.ppc64.rpm php-pgsql-5.4.16-36.3.el7_2.ppc64.rpm php-process-5.4.16-36.3.el7_2.ppc64.rpm php-recode-5.4.16-36.3.el7_2.ppc64.rpm php-soap-5.4.16-36.3.el7_2.ppc64.rpm php-xml-5.4.16-36.3.el7_2.ppc64.rpm php-xmlrpc-5.4.16-36.3.el7_2.ppc64.rpm

ppc64le: php-5.4.16-36.3.el7_2.ppc64le.rpm php-cli-5.4.16-36.3.el7_2.ppc64le.rpm php-common-5.4.16-36.3.el7_2.ppc64le.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm php-gd-5.4.16-36.3.el7_2.ppc64le.rpm php-ldap-5.4.16-36.3.el7_2.ppc64le.rpm php-mysql-5.4.16-36.3.el7_2.ppc64le.rpm php-odbc-5.4.16-36.3.el7_2.ppc64le.rpm php-pdo-5.4.16-36.3.el7_2.ppc64le.rpm php-pgsql-5.4.16-36.3.el7_2.ppc64le.rpm php-process-5.4.16-36.3.el7_2.ppc64le.rpm php-recode-5.4.16-36.3.el7_2.ppc64le.rpm php-soap-5.4.16-36.3.el7_2.ppc64le.rpm php-xml-5.4.16-36.3.el7_2.ppc64le.rpm php-xmlrpc-5.4.16-36.3.el7_2.ppc64le.rpm

s390x: php-5.4.16-36.3.el7_2.s390x.rpm php-cli-5.4.16-36.3.el7_2.s390x.rpm php-common-5.4.16-36.3.el7_2.s390x.rpm php-debuginfo-5.4.16-36.3.el7_2.s390x.rpm php-gd-5.4.16-36.3.el7_2.s390x.rpm php-ldap-5.4.16-36.3.el7_2.s390x.rpm php-mysql-5.4.16-36.3.el7_2.s390x.rpm php-odbc-5.4.16-36.3.el7_2.s390x.rpm php-pdo-5.4.16-36.3.el7_2.s390x.rpm php-pgsql-5.4.16-36.3.el7_2.s390x.rpm php-process-5.4.16-36.3.el7_2.s390x.rpm php-recode-5.4.16-36.3.el7_2.s390x.rpm php-soap-5.4.16-36.3.el7_2.s390x.rpm php-xml-5.4.16-36.3.el7_2.s390x.rpm php-xmlrpc-5.4.16-36.3.el7_2.s390x.rpm

x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64: php-bcmath-5.4.16-36.3.el7_2.ppc64.rpm php-dba-5.4.16-36.3.el7_2.ppc64.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm php-devel-5.4.16-36.3.el7_2.ppc64.rpm php-embedded-5.4.16-36.3.el7_2.ppc64.rpm php-enchant-5.4.16-36.3.el7_2.ppc64.rpm php-fpm-5.4.16-36.3.el7_2.ppc64.rpm php-intl-5.4.16-36.3.el7_2.ppc64.rpm php-mbstring-5.4.16-36.3.el7_2.ppc64.rpm php-mysqlnd-5.4.16-36.3.el7_2.ppc64.rpm php-pspell-5.4.16-36.3.el7_2.ppc64.rpm php-snmp-5.4.16-36.3.el7_2.ppc64.rpm

ppc64le: php-bcmath-5.4.16-36.3.el7_2.ppc64le.rpm php-dba-5.4.16-36.3.el7_2.ppc64le.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm php-devel-5.4.16-36.3.el7_2.ppc64le.rpm php-embedded-5.4.16-36.3.el7_2.ppc64le.rpm php-enchant-5.4.16-36.3.el7_2.ppc64le.rpm php-fpm-5.4.16-36.3.el7_2.ppc64le.rpm php-intl-5.4.16-36.3.el7_2.ppc64le.rpm php-mbstring-5.4.16-36.3.el7_2.ppc64le.rpm php-mysqlnd-5.4.16-36.3.el7_2.ppc64le.rpm php-pspell-5.4.16-36.3.el7_2.ppc64le.rpm php-snmp-5.4.16-36.3.el7_2.ppc64le.rpm

s390x: php-bcmath-5.4.16-36.3.el7_2.s390x.rpm php-dba-5.4.16-36.3.el7_2.s390x.rpm php-debuginfo-5.4.16-36.3.el7_2.s390x.rpm php-devel-5.4.16-36.3.el7_2.s390x.rpm php-embedded-5.4.16-36.3.el7_2.s390x.rpm php-enchant-5.4.16-36.3.el7_2.s390x.rpm php-fpm-5.4.16-36.3.el7_2.s390x.rpm php-intl-5.4.16-36.3.el7_2.s390x.rpm php-mbstring-5.4.16-36.3.el7_2.s390x.rpm php-mysqlnd-5.4.16-36.3.el7_2.s390x.rpm php-pspell-5.4.16-36.3.el7_2.s390x.rpm php-snmp-5.4.16-36.3.el7_2.s390x.rpm

x86_64: php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source: php-5.4.16-36.3.el7_2.src.rpm

x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64: php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFXrPgaXlSAg2UNWIIRAjn0AJ9+uobkj268+7awLhgQLyNGujzgkgCgp8+D ggdX4EUo7inKwJDZgGYrNok= =Zn6M -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-3045-1 August 02, 2016

php5, php7.0 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in PHP.

Software Description: - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter

Details:

It was discovered that PHP incorrectly handled certain SplMinHeap::compar e operations. A remote attacker could use this issue to cause PHP to crash,

resulting in a denial of service, or possibly execute arbitrary code. Thi s issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116 )

It was discovered that PHP incorrectly handled recursive method calls. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8873)

It was discovered that PHP incorrectly validated certain Exception object s when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2015-8876)

It was discovered that PHP header() function performed insufficient filtering for Internet Explorer. A remote attacker could possibly use thi s issue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8935)

It was discovered that PHP incorrectly handled certain locale operations.

An attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5093)

It was discovered that the PHP php_html_entities() function incorrectly handled certain string lengths. A remote attacker could use this issue to

cause PHP to crash, resulting in a denial of service, or possibly execute

arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2016-5094, CVE-2016-5095)

It was discovered that the PHP fread() function incorrectly handled certa in lengths. An attacker could use this issue to cause PHP to crash, resultin g in a denial of service, or possibly execute arbitrary code. This issue on ly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5096)

It was discovered that the PHP FastCGI Process Manager (FPM) SAPI incorrectly handled memory in the access logging feature. An attacker cou ld use this issue to cause PHP to crash, resulting in a denial of service, o r possibly expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)

It was discovered that PHP would not protect applications from contents o f the HTTP_PROXY environment variable when based on the contents of the Pro xy header from HTTP requests. A remote attacker could possibly use this issu e in combination with scripts that honour the HTTP_PROXY variable to redire ct outgoing HTTP requests. (CVE-2016-5385)

Hans Jerry Illikainen discovered that the PHP bzread() function incorrect ly performed error handling. A remote attacker could use this issue to cause

PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5399)

It was discovered that certain PHP multibyte string functions incorrectly

handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-5768)

It was discovered that the PHP Mcrypt extension incorrectly handled memor y. A remote attacker could use this issue to cause PHP to crash, resulting i n a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5769)

It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing malicious data. A remote attacker coul d use this issue to cause PHP to crash, resulting in a denial of service, o r possibly execute arbitrary code. This issue was only addressed in Ubuntu Ubuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)

It was discovered that PHP incorrectly handled memory when unserializing malicious xml data. A remote attacker could use this issue to cause PHP t o crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5772)

It was discovered that the PHP php_url_parse_ex() function incorrectly handled string termination. A remote attacker could use this issue to cau se PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2016-6288)

It was discovered that PHP incorrectly handled path lengths when extracti ng certain Zip archives. A remote attacker could use this issue to cause PHP

to crash, resulting in a denial of service, or possibly execute arbitrary

code. (CVE-2016-6289)

It was discovered that PHP incorrectly handled session deserialization. A

remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6290)

It was discovered that PHP incorrectly handled exif headers when processi ng certain JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6291, CVE-2016-6292)

It was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6294)

It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing SNMP data. A remote attacker could use

this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LT S and Ubuntu 16.04 LTS. (CVE-2016-6295)

It was discovered that the PHP xmlrpc_encode_request() function incorrect ly handled certain lengths. An attacker could use this issue to cause PHP to

crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6296)

It was discovered that the PHP php_stream_zip_opener() function incorrect ly handled memory. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6297)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS: libapache2-mod-php7.0 7.0.8-0ubuntu0.16.04.2 php7.0-cgi 7.0.8-0ubuntu0.16.04.2 php7.0-cli 7.0.8-0ubuntu0.16.04.2 php7.0-fpm 7.0.8-0ubuntu0.16.04.2

Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.19 php5-cgi 5.5.9+dfsg-1ubuntu4.19 php5-cli 5.5.9+dfsg-1ubuntu4.19 php5-fpm 5.5.9+dfsg-1ubuntu4.19

Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.24 php5-cgi 5.3.10-1ubuntu3.24 php5-cli 5.3.10-1ubuntu3.24 php5-fpm 5.3.10-1ubuntu3.24

In general, a standard system update will make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-3045-1 CVE-2015-4116, CVE-2015-8873, CVE-2015-8876, CVE-2015-8935, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297

Package Information: https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2 https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19 https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333297 Version: 2

HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2017-01-14 Last Updated: 2017-01-13

Potential Security Impact: Remote: Denial of Service (DoS), Unauthorized Disclosure of Information

Source: Hewlett Packard Enterprise, Product Security Response Team

VULNERABILITY SUMMARY A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service.

References:

  • CVE-2016-5385 - PHP, HTTPoxy
  • CVE-2016-3074 - PHP
  • CVE-2013-7456 - PHP
  • CVE-2016-5093 - PHP
  • CVE-2016-5094 - PHP
  • CVE-2016-5096 - PHP
  • CVE-2016-5766 - PHP
  • CVE-2016-5767 - PHP
  • CVE-2016-5768 - PHP
  • CVE-2016-5769 - PHP
  • CVE-2016-5770 - PHP
  • CVE-2016-5771 - PHP
  • CVE-2016-5772 - PHP
  • CVE-2016-5773 - PHP
  • CVE-2016-6207 - GD Graphics Library
  • CVE-2016-6289 - PHP
  • CVE-2016-6290 - PHP
  • CVE-2016-6291 - PHP
  • CVE-2016-6292 - PHP
  • CVE-2016-6293 - PHP
  • CVE-2016-6294 - PHP
  • CVE-2016-6295 - PHP
  • CVE-2016-6296 - PHP
  • CVE-2016-6297 - PHP
  • CVE-2016-5399 - PHP

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HP StoreEver MSL6480 Tape Library prior to 5.10

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

CVE-2013-7456
  7.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-2016-3074
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5093
  8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5094
  8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5096
  8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5385
  8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVE-2016-5399
  8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVE-2016-5766
  8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-2016-5767
  8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-2016-5768
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5769
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5770
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5771
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5772
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-5773
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6207
  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE-2016-6289
  7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-2016-6290
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6291
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6292
  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE-2016-6293
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6294
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6295
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6296
  9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE-2016-6297
  8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

RESOLUTION

HPE has provided the following software update to resolve the vulnerabilities for the impacted versions of the HPE StoreEver MSL6480 Tape Library:

HISTORY

Version:1 (rev.1) - 15 November 2016 Initial release

Version:2 (rev.2) - 13 January 2017 Updating CVE list

Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

Copyright 2016 Hewlett Packard Enterprise

Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0657",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "storeever msl6480 tape library",
        "scope": null,
        "trust": 1.6,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7"
      },
      {
        "model": "drupal",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "drupal",
        "version": "8.1.7"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "24"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "5.5.0"
      },
      {
        "model": "leap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "42.1"
      },
      {
        "model": "php",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "php",
        "version": "5.6.24"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "23"
      },
      {
        "model": "communications user data repository",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0.1"
      },
      {
        "model": "drupal",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "drupal",
        "version": "8.0.0"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.0"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "5.6.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "8.0"
      },
      {
        "model": "communications user data repository",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0.0"
      },
      {
        "model": "php",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.0.8"
      },
      {
        "model": "communications user data repository",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.0.0"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.2"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.0"
      },
      {
        "model": "storeever msl6480 tape library",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "hp",
        "version": "5.09"
      },
      {
        "model": "system management homepage",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "hp",
        "version": "7.5.5.0"
      },
      {
        "model": "php",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "php",
        "version": "5.5.38"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.0.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.0"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.3.2"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apache http server",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "go programming language",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "haproxy",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hhvm",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "python",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "the php group",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "lighttpd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nginx",
        "version": null
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "php",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "the php group",
        "version": "7.0.8"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "system management homepage",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "enterprise edition v4.1 to  v6.5"
      },
      {
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard edition v4.1 to  v6.5"
      },
      {
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard-j edition v4.1 to  v6.5"
      },
      {
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "web edition v4.1 to  v6.5"
      },
      {
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "development environment  v6.1 to  v6.5"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "enterprise v8.2 to  v9.4"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "express v8.2 to  v9.4"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "foundation v8.2 to  v8.5"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard v8.2 to  v9.4"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard-j edition v7.1 to  v8.1"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "web edition v7.1 to  v8.1"
      },
      {
        "model": "webotx developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "\"(with developers studio) v8.2 to  v9.4\""
      },
      {
        "model": "webotx developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v7.1 to  v8.1"
      },
      {
        "model": "webotx enterprise service bus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6.4 to  v9.3"
      },
      {
        "model": "webotx portal",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.2 to  v9.3"
      },
      {
        "model": "webotx sip application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard edition v7.1 to  v8.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "oracle",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hp:storeever_msl6480_tape_library_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.09",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:storeever_msl6480_tape_library:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.5.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.6.24",
                "versionStartIncluding": "5.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.5.38",
                "versionStartIncluding": "5.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.8",
                "versionStartIncluding": "7.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.1.7",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Debian",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "138070"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2016-5385",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-5385",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-94204",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-5385",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-5385",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-538",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-94204",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-5385",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv(\u0027HTTP_PROXY\u0027) call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue. Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts. This vulnerability \"httpoxy\" Is called a problem. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. There is a security vulnerability in PHP 7.0.8 and earlier versions, the vulnerability stems from the fact that the program does not resolve namespace conflicts in RFC 3875 mode. The program does not properly handle data from untrusted client applications in the HTTP_PROXY environment variable. A remote attacker uses the specially crafted Proxy header message in the HTTP request to exploit this vulnerability to implement a man-in-the-middle attack, directing the server to send a connection to any host. \n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to the\nupstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.6.24\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.24+dfsg-0+deb8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.0.9-1 of the php7.0 source package. \n\nWe recommend that you upgrade your php5 packages. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/php-5.6.24-i586-1_slack14.2.txz:  Upgraded. \n  For more information, see:\n    http://php.net/ChangeLog-5.php#5.6.24\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.24-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.24-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.24-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.24-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.24-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.24-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n712cc177c9ac10f3d58e871ff27260dc  php-5.6.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n47f6ad4a81517f5b2959abc73475742b  php-5.6.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\naea6a8869946186781e55c5ecec952b0  php-5.6.24-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nab16db742762605b9b219b37cdd7e8db  php-5.6.24-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc88a731667e741443712267d9b30286a  php-5.6.24-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\ned5b31c94e2fb91f0e6c40051f51da1c  php-5.6.24-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nc25a85fece34101d35b8785022cef94d  n/php-5.6.24-i586-1.txz\n\nSlackware x86_64 -current package:\n17f8886fc0901cea6d593170ea00fe7b  n/php-5.6.24-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg php-5.6.24-i586-1_slack14.2.txz\n\nThen, restart Apache httpd:\n# /etc/rc.d/rc.httpd stop\n# /etc/rc.d/rc.httpd start\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: php security and bug fix update\nAdvisory ID:       RHSA-2016:1613-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1613.html\nIssue date:        2016-08-11\nCVE Names:         CVE-2016-5385 \n=====================================================================\n\n1. Summary:\n\nAn update for php is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. (CVE-2016-5385)\n\nRed Hat would like to thank Scott Geary (VendHQ) for reporting this issue. \n\nBug Fix(es):\n\n* Previously, an incorrect logic in the SAPI header callback routine caused\nthat the callback counter was not incremented. Consequently, when a script\nincluded a header callback, it could terminate unexpectedly with a\nsegmentation fault. With this update, the callback counter is properly\nmanaged, and scripts with a header callback implementation work as\nexpected. (BZ#1346758)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1346758 - Segmentation fault while header_register_callback\n1353794 - CVE-2016-5385 PHP: sets environmental variable based on user supplied Proxy request header\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nppc64:\nphp-5.4.16-36.3.el7_2.ppc64.rpm\nphp-cli-5.4.16-36.3.el7_2.ppc64.rpm\nphp-common-5.4.16-36.3.el7_2.ppc64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-gd-5.4.16-36.3.el7_2.ppc64.rpm\nphp-ldap-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mysql-5.4.16-36.3.el7_2.ppc64.rpm\nphp-odbc-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pdo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.ppc64.rpm\nphp-process-5.4.16-36.3.el7_2.ppc64.rpm\nphp-recode-5.4.16-36.3.el7_2.ppc64.rpm\nphp-soap-5.4.16-36.3.el7_2.ppc64.rpm\nphp-xml-5.4.16-36.3.el7_2.ppc64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.ppc64.rpm\n\nppc64le:\nphp-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-cli-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-common-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-gd-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-ldap-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mysql-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-odbc-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pdo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pgsql-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-process-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-recode-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-soap-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-xml-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.ppc64le.rpm\n\ns390x:\nphp-5.4.16-36.3.el7_2.s390x.rpm\nphp-cli-5.4.16-36.3.el7_2.s390x.rpm\nphp-common-5.4.16-36.3.el7_2.s390x.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.s390x.rpm\nphp-gd-5.4.16-36.3.el7_2.s390x.rpm\nphp-ldap-5.4.16-36.3.el7_2.s390x.rpm\nphp-mysql-5.4.16-36.3.el7_2.s390x.rpm\nphp-odbc-5.4.16-36.3.el7_2.s390x.rpm\nphp-pdo-5.4.16-36.3.el7_2.s390x.rpm\nphp-pgsql-5.4.16-36.3.el7_2.s390x.rpm\nphp-process-5.4.16-36.3.el7_2.s390x.rpm\nphp-recode-5.4.16-36.3.el7_2.s390x.rpm\nphp-soap-5.4.16-36.3.el7_2.s390x.rpm\nphp-xml-5.4.16-36.3.el7_2.s390x.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.3.el7_2.ppc64.rpm\nphp-dba-5.4.16-36.3.el7_2.ppc64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-devel-5.4.16-36.3.el7_2.ppc64.rpm\nphp-embedded-5.4.16-36.3.el7_2.ppc64.rpm\nphp-enchant-5.4.16-36.3.el7_2.ppc64.rpm\nphp-fpm-5.4.16-36.3.el7_2.ppc64.rpm\nphp-intl-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pspell-5.4.16-36.3.el7_2.ppc64.rpm\nphp-snmp-5.4.16-36.3.el7_2.ppc64.rpm\n\nppc64le:\nphp-bcmath-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-dba-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-devel-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-embedded-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-enchant-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-fpm-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-intl-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mbstring-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pspell-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-snmp-5.4.16-36.3.el7_2.ppc64le.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.3.el7_2.s390x.rpm\nphp-dba-5.4.16-36.3.el7_2.s390x.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.s390x.rpm\nphp-devel-5.4.16-36.3.el7_2.s390x.rpm\nphp-embedded-5.4.16-36.3.el7_2.s390x.rpm\nphp-enchant-5.4.16-36.3.el7_2.s390x.rpm\nphp-fpm-5.4.16-36.3.el7_2.s390x.rpm\nphp-intl-5.4.16-36.3.el7_2.s390x.rpm\nphp-mbstring-5.4.16-36.3.el7_2.s390x.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.s390x.rpm\nphp-pspell-5.4.16-36.3.el7_2.s390x.rpm\nphp-snmp-5.4.16-36.3.el7_2.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXrPgaXlSAg2UNWIIRAjn0AJ9+uobkj268+7awLhgQLyNGujzgkgCgp8+D\nggdX4EUo7inKwJDZgGYrNok=\n=Zn6M\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n=========================================================================\nUbuntu Security Notice USN-3045-1\nAugust 02, 2016\n\nphp5, php7.0 vulnerabilities\n=========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. \n\nSoftware Description:\n- php7.0: HTML-embedded scripting language interpreter\n- php5: HTML-embedded scripting language interpreter\n\nDetails:\n\nIt was discovered that PHP incorrectly handled certain SplMinHeap::compar\ne\noperations. A remote attacker could use this issue to cause PHP to crash,\n\nresulting in a denial of service, or possibly execute arbitrary code. Thi\ns\nissue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116\n)\n\nIt was discovered that PHP incorrectly handled recursive method calls. A\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu\n14.04 LTS. (CVE-2015-8873)\n\nIt was discovered that PHP incorrectly validated certain Exception object\ns\nwhen unserializing data. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2015-8876)\n\nIt was discovered that PHP header() function performed insufficient\nfiltering for Internet Explorer. A remote attacker could possibly use thi\ns\nissue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. (CVE-2015-8935)\n\nIt was discovered that PHP incorrectly handled certain locale operations. \n\nAn attacker could use this issue to cause PHP to crash, resulting in a\ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu\n14.04 LTS. (CVE-2016-5093)\n\nIt was discovered that the PHP php_html_entities() function incorrectly\nhandled certain string lengths. A remote attacker could use this issue to\n\ncause PHP to crash, resulting in a denial of service, or possibly execute\n\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2016-5094, CVE-2016-5095)\n\nIt was discovered that the PHP fread() function incorrectly handled certa\nin\nlengths. An attacker could use this issue to cause PHP to crash, resultin\ng\nin a denial of service, or possibly execute arbitrary code. This issue on\nly\naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5096)\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI\nincorrectly handled memory in the access logging feature. An attacker cou\nld\nuse this issue to cause PHP to crash, resulting in a denial of service, o\nr\npossibly expose sensitive information. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)\n\nIt was discovered that PHP would not protect applications from contents o\nf\nthe HTTP_PROXY environment variable when based on the contents of the Pro\nxy\nheader from HTTP requests. A remote attacker could possibly use this issu\ne\nin combination with scripts that honour the HTTP_PROXY variable to redire\nct\noutgoing HTTP requests. (CVE-2016-5385)\n\nHans Jerry Illikainen discovered that the PHP bzread() function incorrect\nly\nperformed error handling. A remote attacker could use this issue to cause\n\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-5399)\n\nIt was discovered that certain PHP multibyte string functions incorrectly\n\nhandled memory. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-5768)\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled memor\ny. \nA remote attacker could use this issue to cause PHP to crash, resulting i\nn\na denial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5769)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing malicious data. A remote attacker coul\nd\nuse this issue to cause PHP to crash, resulting in a denial of service, o\nr\npossibly execute arbitrary code. This issue was only addressed in Ubuntu\nUbuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)\n\nIt was discovered that PHP incorrectly handled memory when unserializing\nmalicious xml data. A remote attacker could use this issue to cause PHP t\no\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. \n(CVE-2016-5772)\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly\nhandled string termination. A remote attacker could use this issue to cau\nse\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2016-6288)\n\nIt was discovered that PHP incorrectly handled path lengths when extracti\nng\ncertain Zip archives. A remote attacker could use this issue to cause PHP\n\nto crash, resulting in a denial of service, or possibly execute arbitrary\n\ncode. (CVE-2016-6289)\n\nIt was discovered that PHP incorrectly handled session deserialization. A\n\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service, or possibly execute arbitrary code. (CVE-2016-6290)\n\nIt was discovered that PHP incorrectly handled exif headers when processi\nng\ncertain JPEG images. A remote attacker could use this issue to cause PHP \nto\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-6291, CVE-2016-6292)\n\nIt was discovered that PHP incorrectly handled certain locale operations. \n A\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service, or possibly execute arbitrary code. (CVE-2016-6294)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing SNMP data. A remote attacker could use\n\nthis issue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LT\nS\nand Ubuntu 16.04 LTS. (CVE-2016-6295)\n\nIt was discovered that the PHP xmlrpc_encode_request() function incorrect\nly\nhandled certain lengths. An attacker could use this issue to cause PHP to\n\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-6296)\n\nIt was discovered that the PHP php_stream_zip_opener() function incorrect\nly\nhandled memory. An attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2016-6297)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  libapache2-mod-php7.0           7.0.8-0ubuntu0.16.04.2\n  php7.0-cgi                      7.0.8-0ubuntu0.16.04.2\n  php7.0-cli                      7.0.8-0ubuntu0.16.04.2\n  php7.0-fpm                      7.0.8-0ubuntu0.16.04.2\n\nUbuntu 14.04 LTS:\n  libapache2-mod-php5             5.5.9+dfsg-1ubuntu4.19\n  php5-cgi                        5.5.9+dfsg-1ubuntu4.19\n  php5-cli                        5.5.9+dfsg-1ubuntu4.19\n  php5-fpm                        5.5.9+dfsg-1ubuntu4.19\n\nUbuntu 12.04 LTS:\n  libapache2-mod-php5             5.3.10-1ubuntu3.24\n  php5-cgi                        5.3.10-1ubuntu3.24\n  php5-cli                        5.3.10-1ubuntu3.24\n  php5-fpm                        5.3.10-1ubuntu3.24\n\nIn general, a standard system update will make all the necessary changes. \n\n\nReferences:\n  http://www.ubuntu.com/usn/usn-3045-1\n  CVE-2015-4116, CVE-2015-8873, CVE-2015-8876, CVE-2015-8935,\n  CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096,\n  CVE-2016-5114, CVE-2016-5385, CVE-2016-5399, CVE-2016-5768,\n  CVE-2016-5769, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773,\n  CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291,\n  CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296,\n  CVE-2016-6297\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2\n  https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19\n  https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05333297\nVersion: 2\n\nHPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface,\nMultiple Remote Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-01-14\nLast Updated: 2017-01-13\n\nPotential Security Impact: Remote: Denial of Service (DoS), Unauthorized\nDisclosure of Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA security vulnerability in PHP was addressed by the HPE StoreEver MSL6480\nTape Library firmware version 5.10. The vulnerability could be exploited\nremotely to allow Unauthorized Disclosure of Information or Denial of Service\nvia the Ethernet Management Interface.  Please note that the Management\nInterface cannot access data stored on tape media, so this vulnerability does\nnot allow for remote unauthorized disclosure of data stored on tape media or\nremote denial of service. \n\nReferences:\n\n  - CVE-2016-5385 - PHP, HTTPoxy\n  - CVE-2016-3074 - PHP\n  - CVE-2013-7456 - PHP\n  - CVE-2016-5093 - PHP\n  - CVE-2016-5094 - PHP\n  - CVE-2016-5096 - PHP\n  - CVE-2016-5766 - PHP\n  - CVE-2016-5767 - PHP\n  - CVE-2016-5768 - PHP\n  - CVE-2016-5769 - PHP\n  - CVE-2016-5770 - PHP\n  - CVE-2016-5771 - PHP\n  - CVE-2016-5772 - PHP\n  - CVE-2016-5773 - PHP\n  - CVE-2016-6207 - GD Graphics Library\n  - CVE-2016-6289 - PHP\n  - CVE-2016-6290 - PHP\n  - CVE-2016-6291 - PHP\n  - CVE-2016-6292 - PHP\n  - CVE-2016-6293 - PHP\n  - CVE-2016-6294 - PHP\n  - CVE-2016-6295 - PHP\n  - CVE-2016-6296 - PHP\n  - CVE-2016-6297 - PHP\n  - CVE-2016-5399 - PHP\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HP StoreEver MSL6480 Tape Library prior to 5.10\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2013-7456\n      7.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-3074\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5093\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5094\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5096\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5385\n      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5399\n      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5766\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5767\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5768\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5769\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5770\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5771\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5772\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5773\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6207\n      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\n      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n    CVE-2016-6289\n      7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6290\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6291\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6292\n      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\n      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n    CVE-2016-6293\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6294\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6295\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6296\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6297\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software update to resolve the vulnerabilities\nfor the impacted versions of the HPE StoreEver MSL6480 Tape Library:\n\n * \u003chttp://www.hpe.com/support/msl6480\u003e\n\nHISTORY\n\nVersion:1 (rev.1) - 15 November 2016 Initial release\n\nVersion:2 (rev.2) - 13 January 2017 Updating CVE list\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      },
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "PACKETSTORM",
        "id": "138070"
      },
      {
        "db": "PACKETSTORM",
        "id": "138014"
      },
      {
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "db": "PACKETSTORM",
        "id": "140515"
      }
    ],
    "trust": 2.97
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-94204",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#797896",
        "trust": 3.4
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "91821",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1036335",
        "trust": 1.8
      },
      {
        "db": "JVN",
        "id": "JVNVU91485132",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "138299",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "138014",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "138070",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "138295",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "143933",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138298",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "139744",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138297",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138296",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-94204",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138136",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140515",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "PACKETSTORM",
        "id": "138070"
      },
      {
        "db": "PACKETSTORM",
        "id": "138014"
      },
      {
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "db": "PACKETSTORM",
        "id": "140515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "id": "VAR-201607-0657",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T20:03:59.307000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "FEDORA-2016-4e7db3d437",
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
      },
      {
        "title": "FEDORA-2016-8eb11666aa",
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
      },
      {
        "title": "FEDORA-2016-9c8cf5912c",
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
      },
      {
        "title": "HPSBMU03653",
        "trust": 0.8,
        "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
      },
      {
        "title": "HPSBST03671",
        "trust": 0.8,
        "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05333297"
      },
      {
        "title": "NV16-020",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv16-020.html"
      },
      {
        "title": "Oracle Linux Bulletin - July 2016",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
      },
      {
        "title": "Bug 1353794",
        "trust": 0.8,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
      },
      {
        "title": "RHSA-2016:1609",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1609.html"
      },
      {
        "title": "RHSA-2016:1610",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1610.html"
      },
      {
        "title": "RHSA-2016:1611",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1611.html"
      },
      {
        "title": "RHSA-2016:1612",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1612.html"
      },
      {
        "title": "RHSA-2016:1613",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1613.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://php.net/"
      },
      {
        "title": "TLSA-2016-19",
        "trust": 0.8,
        "url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-19j.html"
      },
      {
        "title": "PHP CGI Web server httpoxy Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=62998"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2016/07/18/httpoxy_hole/"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2016-728",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-728"
      },
      {
        "title": "Ubuntu Security Notice: php5, php7.0 vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3045-1"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
      },
      {
        "title": "Forcepoint Security Advisories: HTTPoxy CGI HTTP_PROXY Variable Multiple Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=47734ce563632c9864b0b698ae37ddf9"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
      },
      {
        "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
      },
      {
        "title": "bach",
        "trust": 0.1,
        "url": "https://github.com/sonatype-nexus-community/bach "
      },
      {
        "title": "bach",
        "trust": 0.1,
        "url": "https://github.com/ossindex/bach "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2016-5385 "
      },
      {
        "title": "jbot",
        "trust": 0.1,
        "url": "https://github.com/jschauma/jbot "
      },
      {
        "title": "CVE-2016-5385",
        "trust": 0.1,
        "url": "https://github.com/aipocai/cve-2016-5385 "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/chaplean/nginx-proxy "
      },
      {
        "title": "nginx-proxy2",
        "trust": 0.1,
        "url": "https://github.com/corzel/nginx-proxy2 "
      },
      {
        "title": "Test",
        "trust": 0.1,
        "url": "https://github.com/abhinav4git/test "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/jwilder/nginx-proxy "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/gloveofgames/hehe "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/jquepi/nginx-proxy-2 "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/lemonhope-mz/replica_nginx-proxy "
      },
      {
        "title": "reto-ejercicio1",
        "trust": 0.1,
        "url": "https://github.com/quiriancordova/reto-ejercicio1 "
      },
      {
        "title": "nginx",
        "trust": 0.1,
        "url": "https://github.com/ratika-web/nginx "
      },
      {
        "title": "docker-nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/codekoalas/docker-nginx-proxy "
      },
      {
        "title": "jwilder-nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/linguamerica/jwilder-nginx-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/abhi1693/nginx-proxy "
      },
      {
        "title": "DockerProject",
        "trust": 0.1,
        "url": "https://github.com/antoinechab/dockerproject "
      },
      {
        "title": "plonevhost",
        "trust": 0.1,
        "url": "https://github.com/alteroo/plonevhost "
      },
      {
        "title": "nginx-proxy-docker-image-builder",
        "trust": 0.1,
        "url": "https://github.com/expoli/nginx-proxy-docker-image-builder "
      },
      {
        "title": "reto-ejercicio3",
        "trust": 0.1,
        "url": "https://github.com/quiriancordova/reto-ejercicio3 "
      },
      {
        "title": "nginx",
        "trust": 0.1,
        "url": "https://github.com/isaiahweeks/nginx "
      },
      {
        "title": "docker-dev-tools-proxy",
        "trust": 0.1,
        "url": "https://github.com/antimatter-studios/docker-dev-tools-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/nginx-proxy/nginx-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/bfirestone/nginx-proxy "
      },
      {
        "title": "nginx-oidc-proxy",
        "trust": 0.1,
        "url": "https://github.com/garnser/nginx-oidc-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/vitasl/nginx-proxy "
      },
      {
        "title": "nginx-proxy-docker-image-builder",
        "trust": 0.1,
        "url": "https://github.com/expoli/nginx-proxy-docker-image "
      },
      {
        "title": "docker-proxy",
        "trust": 0.1,
        "url": "https://github.com/antimatter-studios/docker-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/junkl-solbox/nginx-proxy "
      },
      {
        "title": "nginxProxy",
        "trust": 0.1,
        "url": "https://github.com/moewsystem/nginxproxy "
      },
      {
        "title": "kube-active-proxy",
        "trust": 0.1,
        "url": "https://github.com/adi90x/kube-active-proxy "
      },
      {
        "title": "nginx-proxy",
        "trust": 0.1,
        "url": "https://github.com/antimatter-studios/nginx-proxy "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/6d617274696e73/nginx-waf-proxy "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/mikediamanto/nginx-proxy "
      },
      {
        "title": "rancher-active-proxy",
        "trust": 0.1,
        "url": "https://github.com/adi90x/rancher-active-proxy "
      },
      {
        "title": "algm-php-vulnerability-checker",
        "trust": 0.1,
        "url": "https://github.com/timclifford/algm-php-vulnerability-checker "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/t0m4too/t0m4to "
      },
      {
        "title": "github_aquasecurity_trivy",
        "trust": 0.1,
        "url": "https://github.com/back8/github_aquasecurity_trivy "
      },
      {
        "title": "TrivyWeb",
        "trust": 0.1,
        "url": "https://github.com/korayagaya/trivyweb "
      },
      {
        "title": "Vulnerability-Scanner-for-Containers",
        "trust": 0.1,
        "url": "https://github.com/t31m0/vulnerability-scanner-for-containers "
      },
      {
        "title": "security",
        "trust": 0.1,
        "url": "https://github.com/umahari/security "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/mohzeela/external-secret "
      },
      {
        "title": "trivy",
        "trust": 0.1,
        "url": "https://github.com/simiyo/trivy "
      },
      {
        "title": "trivy",
        "trust": 0.1,
        "url": "https://github.com/aquasecurity/trivy "
      },
      {
        "title": "trivy",
        "trust": 0.1,
        "url": "https://github.com/knqyf263/trivy "
      },
      {
        "title": "trivy",
        "trust": 0.1,
        "url": "https://github.com/siddharthraopotukuchi/trivy "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/cgi-script-vulnerability-httpoxy-allows-man-in-the-middle-attacks/119345/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-601",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "http://www.kb.cert.org/vuls/id/797896"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/91821"
      },
      {
        "trust": 2.4,
        "url": "http://www.debian.org/security/2016/dsa-3631"
      },
      {
        "trust": 2.0,
        "url": "https://httpoxy.org/"
      },
      {
        "trust": 1.9,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1613.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1036335"
      },
      {
        "trust": 1.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
      },
      {
        "trust": 1.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
      },
      {
        "trust": 1.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
      },
      {
        "trust": 1.8,
        "url": "https://security.gentoo.org/glsa/201611-22"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1609.html"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1610.html"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1611.html"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1612.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
      },
      {
        "trust": 1.8,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
      },
      {
        "trust": 1.8,
        "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
      },
      {
        "trust": 1.8,
        "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05333297"
      },
      {
        "trust": 1.8,
        "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
      },
      {
        "trust": 1.8,
        "url": "https://www.drupal.org/sa-core-2016-003"
      },
      {
        "trust": 1.8,
        "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
      },
      {
        "trust": 1.7,
        "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03770en_us"
      },
      {
        "trust": 1.6,
        "url": "https://www.apache.org/security/asf-httpoxy-response.txt"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5385"
      },
      {
        "trust": 0.8,
        "url": "https://tools.ietf.org/html/rfc3875"
      },
      {
        "trust": 0.8,
        "url": "https://httpoxy.org"
      },
      {
        "trust": 0.8,
        "url": "https://cwe.mitre.org/data/definitions/807.html"
      },
      {
        "trust": 0.8,
        "url": "https://cwe.mitre.org/data/definitions/454.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu91485132"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5385"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2016-5385"
      },
      {
        "trust": 0.6,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
      },
      {
        "trust": 0.6,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/errata/rhsa-2016:1613"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/errata/rhsa-2016:1612"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/errata/rhsa-2016:1611"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/errata/rhsa-2016:1610"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/errata/rhsa-2016:1609"
      },
      {
        "trust": 0.6,
        "url": "httpoxy.org/"
      },
      {
        "trust": 0.6,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5385"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5399"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6294"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6289"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6297"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6291"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6292"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6295"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6296"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6290"
      },
      {
        "trust": 0.2,
        "url": "https://php.net/changelog-5.php#5.6.24"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6207"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5093"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5772"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5771"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5768"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5094"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5769"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5773"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5096"
      },
      {
        "trust": 0.1,
        "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03770en_us"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/601.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/sonatype-nexus-community/bach"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6207"
      },
      {
        "trust": 0.1,
        "url": "http://osuosl.org)"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com/gpg-key"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.1,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6288"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8935"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5114"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4116"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8876"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5095"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8873"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-3045-1"
      },
      {
        "trust": 0.1,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05333297"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7456"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5770"
      },
      {
        "trust": 0.1,
        "url": "http://www.hpe.com/support/security_bulletin_archive"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-3074"
      },
      {
        "trust": 0.1,
        "url": "http://www.hpe.com/support/subscriber_choice"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5767"
      },
      {
        "trust": 0.1,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6293"
      },
      {
        "trust": 0.1,
        "url": "https://www.hpe.com/info/report-security-vulnerability"
      },
      {
        "trust": 0.1,
        "url": "http://www.hpe.com/support/msl6480\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5766"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "PACKETSTORM",
        "id": "138070"
      },
      {
        "db": "PACKETSTORM",
        "id": "138014"
      },
      {
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "db": "PACKETSTORM",
        "id": "140515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "db": "PACKETSTORM",
        "id": "138070"
      },
      {
        "db": "PACKETSTORM",
        "id": "138014"
      },
      {
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "db": "PACKETSTORM",
        "id": "140515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-18T00:00:00",
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "date": "2016-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "date": "2016-07-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "date": "2016-07-27T14:25:39",
        "db": "PACKETSTORM",
        "id": "138070"
      },
      {
        "date": "2016-07-22T22:42:48",
        "db": "PACKETSTORM",
        "id": "138014"
      },
      {
        "date": "2016-08-12T18:03:29",
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "date": "2016-08-02T22:59:53",
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "date": "2017-01-15T23:24:00",
        "db": "PACKETSTORM",
        "id": "140515"
      },
      {
        "date": "2016-07-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "date": "2016-07-19T02:00:17.773000",
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#797896"
      },
      {
        "date": "2023-02-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94204"
      },
      {
        "date": "2023-02-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-5385"
      },
      {
        "date": "2016-12-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003800"
      },
      {
        "date": "2023-04-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      },
      {
        "date": "2023-02-12T23:23:28.023000",
        "db": "NVD",
        "id": "CVE-2016-5385"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "138299"
      },
      {
        "db": "PACKETSTORM",
        "id": "138136"
      },
      {
        "db": "PACKETSTORM",
        "id": "140515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#797896"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-538"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.