Language:
Severity: Critical
ID: 124275
File Name: ubuntu_USN-3953-1.nasl
Version: 1.8
Type: local
Agent: unix
Family: Ubuntu Local Security Checks
Published: 4/24/2019
Updated: 8/27/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Factor: Medium
Score: 6.0
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS Score Source: CVE-2019-11035
Risk Factor: Critical
Base Score: 9.1
Temporal Score: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi, p-cpe:/a:canonical:ubuntu_linux:php7.2-xml, p-cpe:/a:canonical:ubuntu_linux:php7.2-gd, p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0, p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm, p-cpe:/a:canonical:ubuntu_linux:php7.0-enchant, p-cpe:/a:canonical:ubuntu_linux:php7.0-sybase, p-cpe:/a:canonical:ubuntu_linux:php7.0-pspell, p-cpe:/a:canonical:ubuntu_linux:php7.0-imap, p-cpe:/a:canonical:ubuntu_linux:php7.2-phpdbg, p-cpe:/a:canonical:ubuntu_linux:php7.0-sqlite3, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:php7.2-readline, p-cpe:/a:canonical:ubuntu_linux:php7.0-intl, p-cpe:/a:canonical:ubuntu_linux:php7.0-soap, p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2, p-cpe:/a:canonical:ubuntu_linux:php7.0-dba, p-cpe:/a:canonical:ubuntu_linux:php7.0-interbase, p-cpe:/a:canonical:ubuntu_linux:php7.2-bz2, p-cpe:/a:canonical:ubuntu_linux:php7.0-recode, p-cpe:/a:canonical:ubuntu_linux:php7.0-curl, p-cpe:/a:canonical:ubuntu_linux:php7.0-cli, p-cpe:/a:canonical:ubuntu_linux:php7.0-xsl, p-cpe:/a:canonical:ubuntu_linux:php7.0-json, p-cpe:/a:canonical:ubuntu_linux:php7.2-pgsql, p-cpe:/a:canonical:ubuntu_linux:php7.0-odbc, p-cpe:/a:canonical:ubuntu_linux:php7.2-xsl, p-cpe:/a:canonical:ubuntu_linux:php7.0-dev, p-cpe:/a:canonical:ubuntu_linux:php7.0-pgsql, p-cpe:/a:canonical:ubuntu_linux:php7.2-snmp, p-cpe:/a:canonical:ubuntu_linux:php7.2-gmp, p-cpe:/a:canonical:ubuntu_linux:php7.2-dba, p-cpe:/a:canonical:ubuntu_linux:php7.0-xml, p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi, p-cpe:/a:canonical:ubuntu_linux:php7.0-gmp, p-cpe:/a:canonical:ubuntu_linux:php7.2-xmlrpc, p-cpe:/a:canonical:ubuntu_linux:php7.2-dev, p-cpe:/a:canonical:ubuntu_linux:php7.2-json, p-cpe:/a:canonical:ubuntu_linux:php7.0-zip, p-cpe:/a:canonical:ubuntu_linux:php7.2-cli, p-cpe:/a:canonical:ubuntu_linux:php7.2-soap, p-cpe:/a:canonical:ubuntu_linux:php7.2-imap, p-cpe:/a:canonical:ubuntu_linux:php7.2-intl, p-cpe:/a:canonical:ubuntu_linux:php7.0-mbstring, p-cpe:/a:canonical:ubuntu_linux:php7.2-sqlite3, p-cpe:/a:canonical:ubuntu_linux:php7.2-recode, p-cpe:/a:canonical:ubuntu_linux:php7.0-gd, p-cpe:/a:canonical:ubuntu_linux:php7.2-tidy, p-cpe:/a:canonical:ubuntu_linux:php7.0-snmp, p-cpe:/a:canonical:ubuntu_linux:php7.0, p-cpe:/a:canonical:ubuntu_linux:php7.2-ldap, p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm, p-cpe:/a:canonical:ubuntu_linux:php7.0-bcmath, p-cpe:/a:canonical:ubuntu_linux:php7.0-ldap, p-cpe:/a:canonical:ubuntu_linux:php7.0-mcrypt, p-cpe:/a:canonical:ubuntu_linux:php7.0-tidy, p-cpe:/a:canonical:ubuntu_linux:php7.2-mysql, p-cpe:/a:canonical:ubuntu_linux:php7.2-pspell, p-cpe:/a:canonical:ubuntu_linux:php7.2, p-cpe:/a:canonical:ubuntu_linux:php7.2-zip, p-cpe:/a:canonical:ubuntu_linux:php7.2-opcache, p-cpe:/a:canonical:ubuntu_linux:php7.2-odbc, p-cpe:/a:canonical:ubuntu_linux:php7.0-phpdbg, p-cpe:/a:canonical:ubuntu_linux:php7.2-sybase, p-cpe:/a:canonical:ubuntu_linux:php7.0-xmlrpc, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:php7.0-bz2, p-cpe:/a:canonical:ubuntu_linux:php7.2-enchant, p-cpe:/a:canonical:ubuntu_linux:php7.0-readline, p-cpe:/a:canonical:ubuntu_linux:php7.2-bcmath, p-cpe:/a:canonical:ubuntu_linux:php7.2-mbstring, p-cpe:/a:canonical:ubuntu_linux:php7.0-common, p-cpe:/a:canonical:ubuntu_linux:libphp7.0-embed, p-cpe:/a:canonical:ubuntu_linux:php7.0-opcache, p-cpe:/a:canonical:ubuntu_linux:php7.2-common, p-cpe:/a:canonical:ubuntu_linux:php7.0-mysql, p-cpe:/a:canonical:ubuntu_linux:libphp7.2-embed, p-cpe:/a:canonical:ubuntu_linux:php7.2-interbase, p-cpe:/a:canonical:ubuntu_linux:php7.2-curl
Required KB Items: Host/cpu, Host/Debian/dpkg-l, Host/Ubuntu, Host/Ubuntu/release
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/23/2019
Vulnerability Publication Date: 4/18/2019
CVE: CVE-2019-11034, CVE-2019-11035
USN: 3953-1