Language:
Severity: High
ID: 81829
File Name: ala_ALAS-2015-493.nasl
Version: 1.8
Type: local
Agent: unix
Published: 3/17/2015
Updated: 4/18/2018
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
Risk Factor: High
Score: 8.9
Risk Factor: High
Base Score: 7.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CPE: p-cpe:/a:amazon:linux:php54-mysql, p-cpe:/a:amazon:linux:php54-mcrypt, p-cpe:/a:amazon:linux:php54-common, p-cpe:/a:amazon:linux:php54-devel, p-cpe:/a:amazon:linux:php54-imap, p-cpe:/a:amazon:linux:php54-xmlrpc, p-cpe:/a:amazon:linux:php54-embedded, p-cpe:/a:amazon:linux:php54-tidy, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:php54-fpm, p-cpe:/a:amazon:linux:php54-soap, p-cpe:/a:amazon:linux:php54-intl, p-cpe:/a:amazon:linux:php54-pspell, p-cpe:/a:amazon:linux:php54-ldap, p-cpe:/a:amazon:linux:php54-mysqlnd, p-cpe:/a:amazon:linux:php54-cli, p-cpe:/a:amazon:linux:php54-dba, p-cpe:/a:amazon:linux:php54-pgsql, p-cpe:/a:amazon:linux:php54-mssql, p-cpe:/a:amazon:linux:php54-recode, p-cpe:/a:amazon:linux:php54-enchant, p-cpe:/a:amazon:linux:php54-snmp, p-cpe:/a:amazon:linux:php54-pdo, p-cpe:/a:amazon:linux:php54-process, p-cpe:/a:amazon:linux:php54-mbstring, p-cpe:/a:amazon:linux:php54-debuginfo, p-cpe:/a:amazon:linux:php54-xml, p-cpe:/a:amazon:linux:php54-gd, p-cpe:/a:amazon:linux:php54-bcmath, p-cpe:/a:amazon:linux:php54-odbc, p-cpe:/a:amazon:linux:php54
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/13/2015
Core Impact
Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)
CVE: CVE-2015-0235, CVE-2015-0273
ALAS: 2015-493