Language:
https://bugzilla.suse.com/show_bug.cgi?id=1117107
Severity: High
ID: 119455
File Name: suse_SU-2018-3986-1.nasl
Version: 1.7
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/6/2018
Updated: 7/17/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Factor: High
Score: 8.4
Risk Factor: High
Base Score: 8.5
Temporal Score: 7
Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2018-19518
Risk Factor: High
Base Score: 7.5
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
CPE: p-cpe:/a:novell:suse_linux:php53-pdo, p-cpe:/a:novell:suse_linux:php53-suhosin, p-cpe:/a:novell:suse_linux:php53-ctype, p-cpe:/a:novell:suse_linux:php53-iconv, p-cpe:/a:novell:suse_linux:php53-mysql, p-cpe:/a:novell:suse_linux:php53-snmp, p-cpe:/a:novell:suse_linux:php53-intl, p-cpe:/a:novell:suse_linux:php53-bcmath, p-cpe:/a:novell:suse_linux:php53-bz2, p-cpe:/a:novell:suse_linux:php53-shmop, p-cpe:/a:novell:suse_linux:php53-exif, p-cpe:/a:novell:suse_linux:php53-pcntl, p-cpe:/a:novell:suse_linux:php53, p-cpe:/a:novell:suse_linux:php53-mbstring, p-cpe:/a:novell:suse_linux:php53-gettext, p-cpe:/a:novell:suse_linux:php53-json, p-cpe:/a:novell:suse_linux:php53-pgsql, p-cpe:/a:novell:suse_linux:php53-mcrypt, p-cpe:/a:novell:suse_linux:php53-pspell, p-cpe:/a:novell:suse_linux:php53-xmlreader, p-cpe:/a:novell:suse_linux:php53-xmlrpc, p-cpe:/a:novell:suse_linux:php53-xmlwriter, p-cpe:/a:novell:suse_linux:php53-wddx, p-cpe:/a:novell:suse_linux:php53-curl, p-cpe:/a:novell:suse_linux:php53-fastcgi, p-cpe:/a:novell:suse_linux:php53-gd, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:php53-fileinfo, p-cpe:/a:novell:suse_linux:php53-zip, p-cpe:/a:novell:suse_linux:apache2-mod_php53, p-cpe:/a:novell:suse_linux:php53-sysvshm, p-cpe:/a:novell:suse_linux:php53-sysvsem, p-cpe:/a:novell:suse_linux:php53-pear, p-cpe:/a:novell:suse_linux:php53-zlib, p-cpe:/a:novell:suse_linux:php53-dba, p-cpe:/a:novell:suse_linux:php53-odbc, p-cpe:/a:novell:suse_linux:php53-calendar, p-cpe:/a:novell:suse_linux:php53-tokenizer, p-cpe:/a:novell:suse_linux:php53-ftp, p-cpe:/a:novell:suse_linux:php53-gmp, p-cpe:/a:novell:suse_linux:php53-openssl, p-cpe:/a:novell:suse_linux:php53-soap, p-cpe:/a:novell:suse_linux:php53-ldap, p-cpe:/a:novell:suse_linux:php53-xsl, p-cpe:/a:novell:suse_linux:php53-dom, p-cpe:/a:novell:suse_linux:php53-sysvmsg
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/5/2018
Vulnerability Publication Date: 11/25/2018
Metasploit (php imap_open Remote Code Execution)
CVE: CVE-2018-19518