OVAL Reference oval:org.opensuse.security:def:20093291

Oval Definition:

oval:org.opensuse.security:def:20093291

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2009-3291
Description:	The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2009-3291 Mitre CVE-2009-3291 SUSE CVE-2009-3291 SUSE-SR:2009:017 SUSE-SR:2009:017
Platform(s):	openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 10 SP3 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 GA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11	Product(s):
Definition Synopsis
Release Information sles10-sp2-sdk is installed AND apache2-mod_php5 less than 5.2.5-9.22 OR php5-bcmath less than 5.2.5-9.22 OR php5-bz2 less than 5.2.5-9.22 OR php5-calendar less than 5.2.5-9.22 OR php5-ctype less than 5.2.5-9.22 OR php5-curl less than 5.2.5-9.22 OR php5-dba less than 5.2.5-9.22 OR php5-dbase less than 5.2.5-9.22 OR php5-devel less than 5.2.5-9.22 OR php5-dom less than 5.2.5-9.22 OR php5-exif less than 5.2.5-9.22 OR php5-fastcgi less than 5.2.5-9.22 OR php5-ftp less than 5.2.5-9.22 OR php5-gd less than 5.2.5-9.22 OR php5-gettext less than 5.2.5-9.22 OR php5-gmp less than 5.2.5-9.22 OR php5-iconv less than 5.2.5-9.22 OR php5-imap less than 5.2.5-9.22 OR php5-ldap less than 5.2.5-9.22 OR php5-mbstring less than 5.2.5-9.22 OR php5-mcrypt less than 5.2.5-9.22 OR php5-mhash less than 5.2.5-9.22 OR php5-mysql less than 5.2.5-9.22 OR php5-ncurses less than 5.2.5-9.22 OR php5-odbc less than 5.2.5-9.22 OR php5-openssl less than 5.2.5-9.22 OR php5-pcntl less than 5.2.5-9.22 OR php5-pdo less than 5.2.5-9.22 OR php5-pear less than 5.2.5-9.22 OR php5-pgsql less than 5.2.5-9.22 OR php5-posix less than 5.2.5-9.22 OR php5-pspell less than 5.2.5-9.22 OR php5-shmop less than 5.2.5-9.22 OR php5-snmp less than 5.2.5-9.22 OR php5-soap less than 5.2.5-9.22 OR php5-sockets less than 5.2.5-9.22 OR php5-sqlite less than 5.2.5-9.22 OR php5-suhosin less than 5.2.5-9.22 OR php5-sysvmsg less than 5.2.5-9.22 OR php5-sysvsem less than 5.2.5-9.22 OR php5-sysvshm less than 5.2.5-9.22 OR php5-tidy less than 5.2.5-9.22 OR php5-tokenizer less than 5.2.5-9.22 OR php5-wddx less than 5.2.5-9.22 OR php5-xmlreader less than 5.2.5-9.22 OR php5-xmlrpc less than 5.2.5-9.22 OR php5-xsl less than 5.2.5-9.22 OR php5-zlib less than 5.2.5-9.22 OR Package Information sles10-sp3 is installed apache2-mod_php5 less than 5.2.5-9.23.1 OR php5-bcmath less than 5.2.5-9.23.1 OR php5-bz2 less than 5.2.5-9.23.1 OR php5-calendar less than 5.2.5-9.23.1 OR php5-ctype less than 5.2.5-9.23.1 OR php5-curl less than 5.2.5-9.23.1 OR php5-dba less than 5.2.5-9.23.1 OR php5-dbase less than 5.2.5-9.23.1 OR php5-devel less than 5.2.5-9.23.1 OR php5-dom less than 5.2.5-9.23.1 OR php5-exif less than 5.2.5-9.23.1 OR php5-fastcgi less than 5.2.5-9.23.1 OR php5-ftp less than 5.2.5-9.23.1 OR php5-gd less than 5.2.5-9.23.1 OR php5-gettext less than 5.2.5-9.23.1 OR php5-gmp less than 5.2.5-9.23.1 OR php5-iconv less than 5.2.5-9.23.1 OR php5-imap less than 5.2.5-9.23.1 OR php5-json less than 5.2.5-9.23.1 OR php5-ldap less than 5.2.5-9.23.1 OR php5-mbstring less than 5.2.5-9.23.1 OR php5-mcrypt less than 5.2.5-9.23.1 OR php5-mhash less than 5.2.5-9.23.1 OR php5-mysql less than 5.2.5-9.23.1 OR php5-ncurses less than 5.2.5-9.23.1 OR php5-odbc less than 5.2.5-9.23.1 OR php5-openssl less than 5.2.5-9.23.1 OR php5-pcntl less than 5.2.5-9.23.1 OR php5-pdo less than 5.2.5-9.23.1 OR php5-pear less than 5.2.5-9.23.1 OR php5-pgsql less than 5.2.5-9.23.1 OR php5-posix less than 5.2.5-9.23.1 OR php5-pspell less than 5.2.5-9.23.1 OR php5-shmop less than 5.2.5-9.23.1 OR php5-snmp less than 5.2.5-9.23.1 OR php5-soap less than 5.2.5-9.23.1 OR php5-sockets less than 5.2.5-9.23.1 OR php5-sqlite less than 5.2.5-9.23.1 OR php5-suhosin less than 5.2.5-9.23.1 OR php5-sysvmsg less than 5.2.5-9.23.1 OR php5-sysvsem less than 5.2.5-9.23.1 OR php5-sysvshm less than 5.2.5-9.23.1 OR php5-tokenizer less than 5.2.5-9.23.1 OR php5-wddx less than 5.2.5-9.23.1 OR php5-xmlreader less than 5.2.5-9.23.1 OR php5-xmlrpc less than 5.2.5-9.23.1 OR php5-xsl less than 5.2.5-9.23.1 OR php5-zlib less than 5.2.5-9.23.1 OR sles10-sp3-sdk is installed apache2-mod_php5 less than 5.2.5-9.23.1 OR php5-bcmath less than 5.2.5-9.23.1 OR php5-bz2 less than 5.2.5-9.23.1 OR php5-calendar less than 5.2.5-9.23.1 OR php5-ctype less than 5.2.5-9.23.1 OR php5-curl less than 5.2.5-9.23.1 OR php5-dba less than 5.2.5-9.23.1 OR php5-dbase less than 5.2.5-9.23.1 OR php5-devel less than 5.2.5-9.23.1 OR php5-dom less than 5.2.5-9.23.1 OR php5-exif less than 5.2.5-9.23.1 OR php5-fastcgi less than 5.2.5-9.23.1 OR php5-ftp less than 5.2.5-9.23.1 OR php5-gd less than 5.2.5-9.23.1 OR php5-gettext less than 5.2.5-9.23.1 OR php5-gmp less than 5.2.5-9.23.1 OR php5-iconv less than 5.2.5-9.23.1 OR php5-imap less than 5.2.5-9.23.1 OR php5-ldap less than 5.2.5-9.23.1 OR php5-mbstring less than 5.2.5-9.23.1 OR php5-mcrypt less than 5.2.5-9.23.1 OR php5-mhash less than 5.2.5-9.23.1 OR php5-mysql less than 5.2.5-9.23.1 OR php5-ncurses less than 5.2.5-9.23.1 OR php5-odbc less than 5.2.5-9.23.1 OR php5-openssl less than 5.2.5-9.23.1 OR php5-pcntl less than 5.2.5-9.23.1 OR php5-pdo less than 5.2.5-9.23.1 OR php5-pear less than 5.2.5-9.23.1 OR php5-pgsql less than 5.2.5-9.23.1 OR php5-posix less than 5.2.5-9.23.1 OR php5-pspell less than 5.2.5-9.23.1 OR php5-shmop less than 5.2.5-9.23.1 OR php5-snmp less than 5.2.5-9.23.1 OR php5-soap less than 5.2.5-9.23.1 OR php5-sockets less than 5.2.5-9.23.1 OR php5-sqlite less than 5.2.5-9.23.1 OR php5-suhosin less than 5.2.5-9.23.1 OR php5-sysvmsg less than 5.2.5-9.23.1 OR php5-sysvsem less than 5.2.5-9.23.1 OR php5-sysvshm less than 5.2.5-9.23.1 OR php5-tidy less than 5.2.5-9.23.1 OR php5-tokenizer less than 5.2.5-9.23.1 OR php5-wddx less than 5.2.5-9.23.1 OR php5-xmlreader less than 5.2.5-9.23.1 OR php5-xmlrpc less than 5.2.5-9.23.1 OR php5-xsl less than 5.2.5-9.23.1 OR php5-zlib less than 5.2.5-9.23.1
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information apache2-mod_php5-5.2.14-0.7.24.1 is installed OR php5-5.2.14-0.7.24.1 is installed OR php5-bcmath-5.2.14-0.7.24.1 is installed OR php5-bz2-5.2.14-0.7.24.1 is installed OR php5-calendar-5.2.14-0.7.24.1 is installed OR php5-ctype-5.2.14-0.7.24.1 is installed OR php5-curl-5.2.14-0.7.24.1 is installed OR php5-dba-5.2.14-0.7.24.1 is installed OR php5-dbase-5.2.14-0.7.24.1 is installed OR php5-dom-5.2.14-0.7.24.1 is installed OR php5-exif-5.2.14-0.7.24.1 is installed OR php5-fastcgi-5.2.14-0.7.24.1 is installed OR php5-ftp-5.2.14-0.7.24.1 is installed OR php5-gd-5.2.14-0.7.24.1 is installed OR php5-gettext-5.2.14-0.7.24.1 is installed OR php5-gmp-5.2.14-0.7.24.1 is installed OR php5-hash-5.2.14-0.7.24.1 is installed OR php5-iconv-5.2.14-0.7.24.1 is installed OR php5-json-5.2.14-0.7.24.1 is installed OR php5-ldap-5.2.14-0.7.24.1 is installed OR php5-mbstring-5.2.14-0.7.24.1 is installed OR php5-mcrypt-5.2.14-0.7.24.1 is installed OR php5-mysql-5.2.14-0.7.24.1 is installed OR php5-odbc-5.2.14-0.7.24.1 is installed OR php5-openssl-5.2.14-0.7.24.1 is installed OR php5-pcntl-5.2.14-0.7.24.1 is installed OR php5-pdo-5.2.14-0.7.24.1 is installed OR php5-pear-5.2.14-0.7.24.1 is installed OR php5-pgsql-5.2.14-0.7.24.1 is installed OR php5-pspell-5.2.14-0.7.24.1 is installed OR php5-shmop-5.2.14-0.7.24.1 is installed OR php5-snmp-5.2.14-0.7.24.1 is installed OR php5-soap-5.2.14-0.7.24.1 is installed OR php5-suhosin-5.2.14-0.7.24.1 is installed OR php5-sysvmsg-5.2.14-0.7.24.1 is installed OR php5-sysvsem-5.2.14-0.7.24.1 is installed OR php5-sysvshm-5.2.14-0.7.24.1 is installed OR php5-tokenizer-5.2.14-0.7.24.1 is installed OR php5-wddx-5.2.14-0.7.24.1 is installed OR php5-xmlreader-5.2.14-0.7.24.1 is installed OR php5-xmlrpc-5.2.14-0.7.24.1 is installed OR php5-xmlwriter-5.2.14-0.7.24.1 is installed OR php5-xsl-5.2.14-0.7.24.1 is installed OR php5-zip-5.2.14-0.7.24.1 is installed OR php5-zlib-5.2.14-0.7.24.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 is installed AND apache2-mod_php5-5.2.6-50.23 is installed OR php5-5.2.6-50.23 is installed OR php5-bcmath-5.2.6-50.23 is installed OR php5-bz2-5.2.6-50.23 is installed OR php5-calendar-5.2.6-50.23 is installed OR php5-ctype-5.2.6-50.23 is installed OR php5-curl-5.2.6-50.23 is installed OR php5-dba-5.2.6-50.23 is installed OR php5-dbase-5.2.6-50.23 is installed OR php5-dom-5.2.6-50.23 is installed OR php5-exif-5.2.6-50.23 is installed OR php5-fastcgi-5.2.6-50.23 is installed OR php5-ftp-5.2.6-50.23 is installed OR php5-gd-5.2.6-50.23 is installed OR php5-gettext-5.2.6-50.23 is installed OR php5-gmp-5.2.6-50.23 is installed OR php5-hash-5.2.6-50.23 is installed OR php5-iconv-5.2.6-50.23 is installed OR php5-json-5.2.6-50.23 is installed OR php5-ldap-5.2.6-50.23 is installed OR php5-mbstring-5.2.6-50.23 is installed OR php5-mcrypt-5.2.6-50.23 is installed OR php5-mysql-5.2.6-50.23 is installed OR php5-odbc-5.2.6-50.23 is installed OR php5-openssl-5.2.6-50.23 is installed OR php5-pcntl-5.2.6-50.23 is installed OR php5-pdo-5.2.6-50.23 is installed OR php5-pear-5.2.6-50.23 is installed OR php5-pgsql-5.2.6-50.23 is installed OR php5-pspell-5.2.6-50.23 is installed OR php5-shmop-5.2.6-50.23 is installed OR php5-snmp-5.2.6-50.23 is installed OR php5-soap-5.2.6-50.23 is installed OR php5-suhosin-5.2.6-50.23 is installed OR php5-sysvmsg-5.2.6-50.23 is installed OR php5-sysvsem-5.2.6-50.23 is installed OR php5-sysvshm-5.2.6-50.23 is installed OR php5-tokenizer-5.2.6-50.23 is installed OR php5-wddx-5.2.6-50.23 is installed OR php5-xmlreader-5.2.6-50.23 is installed OR php5-xmlrpc-5.2.6-50.23 is installed OR php5-xmlwriter-5.2.6-50.23 is installed OR php5-xsl-5.2.6-50.23 is installed OR php5-zip-5.2.6-50.23 is installed OR php5-zlib-5.2.6-50.23 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND apache2-mod_php5-5.2.14-0.7.24 is installed OR php5-5.2.14-0.7.24 is installed OR php5-bcmath-5.2.14-0.7.24 is installed OR php5-bz2-5.2.14-0.7.24 is installed OR php5-calendar-5.2.14-0.7.24 is installed OR php5-ctype-5.2.14-0.7.24 is installed OR php5-curl-5.2.14-0.7.24 is installed OR php5-dba-5.2.14-0.7.24 is installed OR php5-dbase-5.2.14-0.7.24 is installed OR php5-dom-5.2.14-0.7.24 is installed OR php5-exif-5.2.14-0.7.24 is installed OR php5-fastcgi-5.2.14-0.7.24 is installed OR php5-ftp-5.2.14-0.7.24 is installed OR php5-gd-5.2.14-0.7.24 is installed OR php5-gettext-5.2.14-0.7.24 is installed OR php5-gmp-5.2.14-0.7.24 is installed OR php5-hash-5.2.14-0.7.24 is installed OR php5-iconv-5.2.14-0.7.24 is installed OR php5-json-5.2.14-0.7.24 is installed OR php5-ldap-5.2.14-0.7.24 is installed OR php5-mbstring-5.2.14-0.7.24 is installed OR php5-mcrypt-5.2.14-0.7.24 is installed OR php5-mysql-5.2.14-0.7.24 is installed OR php5-odbc-5.2.14-0.7.24 is installed OR php5-openssl-5.2.14-0.7.24 is installed OR php5-pcntl-5.2.14-0.7.24 is installed OR php5-pdo-5.2.14-0.7.24 is installed OR php5-pear-5.2.14-0.7.24 is installed OR php5-pgsql-5.2.14-0.7.24 is installed OR php5-pspell-5.2.14-0.7.24 is installed OR php5-shmop-5.2.14-0.7.24 is installed OR php5-snmp-5.2.14-0.7.24 is installed OR php5-soap-5.2.14-0.7.24 is installed OR php5-suhosin-5.2.14-0.7.24 is installed OR php5-sysvmsg-5.2.14-0.7.24 is installed OR php5-sysvsem-5.2.14-0.7.24 is installed OR php5-sysvshm-5.2.14-0.7.24 is installed OR php5-tokenizer-5.2.14-0.7.24 is installed OR php5-wddx-5.2.14-0.7.24 is installed OR php5-xmlreader-5.2.14-0.7.24 is installed OR php5-xmlrpc-5.2.14-0.7.24 is installed OR php5-xmlwriter-5.2.14-0.7.24 is installed OR php5-xsl-5.2.14-0.7.24 is installed OR php5-zip-5.2.14-0.7.24 is installed OR php5-zlib-5.2.14-0.7.24 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND apache2-mod_php5-5.2.14-0.7.24.1 is installed OR php5-5.2.14-0.7.24.1 is installed OR php5-bcmath-5.2.14-0.7.24.1 is installed OR php5-bz2-5.2.14-0.7.24.1 is installed OR php5-calendar-5.2.14-0.7.24.1 is installed OR php5-ctype-5.2.14-0.7.24.1 is installed OR php5-curl-5.2.14-0.7.24.1 is installed OR php5-dba-5.2.14-0.7.24.1 is installed OR php5-dbase-5.2.14-0.7.24.1 is installed OR php5-dom-5.2.14-0.7.24.1 is installed OR php5-exif-5.2.14-0.7.24.1 is installed OR php5-fastcgi-5.2.14-0.7.24.1 is installed OR php5-ftp-5.2.14-0.7.24.1 is installed OR php5-gd-5.2.14-0.7.24.1 is installed OR php5-gettext-5.2.14-0.7.24.1 is installed OR php5-gmp-5.2.14-0.7.24.1 is installed OR php5-hash-5.2.14-0.7.24.1 is installed OR php5-iconv-5.2.14-0.7.24.1 is installed OR php5-json-5.2.14-0.7.24.1 is installed OR php5-ldap-5.2.14-0.7.24.1 is installed OR php5-mbstring-5.2.14-0.7.24.1 is installed OR php5-mcrypt-5.2.14-0.7.24.1 is installed OR php5-mysql-5.2.14-0.7.24.1 is installed OR php5-odbc-5.2.14-0.7.24.1 is installed OR php5-openssl-5.2.14-0.7.24.1 is installed OR php5-pcntl-5.2.14-0.7.24.1 is installed OR php5-pdo-5.2.14-0.7.24.1 is installed OR php5-pear-5.2.14-0.7.24.1 is installed OR php5-pgsql-5.2.14-0.7.24.1 is installed OR php5-pspell-5.2.14-0.7.24.1 is installed OR php5-shmop-5.2.14-0.7.24.1 is installed OR php5-snmp-5.2.14-0.7.24.1 is installed OR php5-soap-5.2.14-0.7.24.1 is installed OR php5-suhosin-5.2.14-0.7.24.1 is installed OR php5-sysvmsg-5.2.14-0.7.24.1 is installed OR php5-sysvsem-5.2.14-0.7.24.1 is installed OR php5-sysvshm-5.2.14-0.7.24.1 is installed OR php5-tokenizer-5.2.14-0.7.24.1 is installed OR php5-wddx-5.2.14-0.7.24.1 is installed OR php5-xmlreader-5.2.14-0.7.24.1 is installed OR php5-xmlrpc-5.2.14-0.7.24.1 is installed OR php5-xmlwriter-5.2.14-0.7.24.1 is installed OR php5-xsl-5.2.14-0.7.24.1 is installed OR php5-zip-5.2.14-0.7.24.1 is installed OR php5-zlib-5.2.14-0.7.24.1 is installed OR Package Information SUSE Linux Enterprise Server 11 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 is installed AND apache2-mod_php5-5.2.6-50.23.1 is installed OR php5-5.2.6-50.23.1 is installed OR php5-bcmath-5.2.6-50.23.1 is installed OR php5-bz2-5.2.6-50.23.1 is installed OR php5-calendar-5.2.6-50.23.1 is installed OR php5-ctype-5.2.6-50.23.1 is installed OR php5-curl-5.2.6-50.23.1 is installed OR php5-dba-5.2.6-50.23.1 is installed OR php5-dbase-5.2.6-50.23.1 is installed OR php5-dom-5.2.6-50.23.1 is installed OR php5-exif-5.2.6-50.23.1 is installed OR php5-fastcgi-5.2.6-50.23.1 is installed OR php5-ftp-5.2.6-50.23.1 is installed OR php5-gd-5.2.6-50.23.1 is installed OR php5-gettext-5.2.6-50.23.1 is installed OR php5-gmp-5.2.6-50.23.1 is installed OR php5-hash-5.2.6-50.23.1 is installed OR php5-iconv-5.2.6-50.23.1 is installed OR php5-json-5.2.6-50.23.1 is installed OR php5-ldap-5.2.6-50.23.1 is installed OR php5-mbstring-5.2.6-50.23.1 is installed OR php5-mcrypt-5.2.6-50.23.1 is installed OR php5-mysql-5.2.6-50.23.1 is installed OR php5-odbc-5.2.6-50.23.1 is installed OR php5-openssl-5.2.6-50.23.1 is installed OR php5-pcntl-5.2.6-50.23.1 is installed OR php5-pdo-5.2.6-50.23.1 is installed OR php5-pear-5.2.6-50.23.1 is installed OR php5-pgsql-5.2.6-50.23.1 is installed OR php5-pspell-5.2.6-50.23.1 is installed OR php5-shmop-5.2.6-50.23.1 is installed OR php5-snmp-5.2.6-50.23.1 is installed OR php5-soap-5.2.6-50.23.1 is installed OR php5-suhosin-5.2.6-50.23.1 is installed OR php5-sysvmsg-5.2.6-50.23.1 is installed OR php5-sysvsem-5.2.6-50.23.1 is installed OR php5-sysvshm-5.2.6-50.23.1 is installed OR php5-tokenizer-5.2.6-50.23.1 is installed OR php5-wddx-5.2.6-50.23.1 is installed OR php5-xmlreader-5.2.6-50.23.1 is installed OR php5-xmlrpc-5.2.6-50.23.1 is installed OR php5-xmlwriter-5.2.6-50.23.1 is installed OR php5-xsl-5.2.6-50.23.1 is installed OR php5-zip-5.2.6-50.23.1 is installed OR php5-zlib-5.2.6-50.23.1 is installed

BACK