ID CVE-2014-5265 Type cve Reporter NVD Modified 2015-11-25T15:38:42
Description
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
{"title": "CVE-2014-5265", "reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "vulnersScore": 4.3}, "published": "2014-08-18T07:15:27", "cvelist": ["CVE-2014-5265"], "hash": "141faef4ec8ef07dc40efa3f5d7be070dff3a1da17ed287b74383c2276b735ba", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5265", "bulletinFamily": "NVD", "id": "CVE-2014-5265", "history": [], "scanner": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "modified": "2015-11-25T15:38:42", "viewCount": 4, "cpe": ["cpe:/a:wordpress:wordpress:3.7.1", "cpe:/a:drupal:drupal:7.0:dev", "cpe:/a:drupal:drupal:7.21", "cpe:/a:drupal:drupal:7.0:beta2", "cpe:/a:drupal:drupal:7.11", "cpe:/a:drupal:drupal:7.9", "cpe:/a:drupal:drupal:7.x-dev", "cpe:/a:drupal:drupal:6.1", "cpe:/a:drupal:drupal:7.19", "cpe:/a:drupal:drupal:6.5", "cpe:/a:drupal:drupal:7.5", "cpe:/a:drupal:drupal:6.9", "cpe:/a:drupal:drupal:6.10", "cpe:/a:wordpress:wordpress:3.1.1", "cpe:/a:wordpress:wordpress:3.8.1", "cpe:/a:drupal:drupal:7.16", "cpe:/a:wordpress:wordpress:3.0", "cpe:/a:wordpress:wordpress:3.6", "cpe:/a:drupal:drupal:7.0:rc2", "cpe:/a:wordpress:wordpress:3.0.3", "cpe:/a:drupal:drupal:6.2", "cpe:/a:drupal:drupal:6.18", "cpe:/a:drupal:drupal:7.20", "cpe:/a:drupal:drupal:6.0:rc4", "cpe:/a:drupal:drupal:7.18", "cpe:/a:drupal:drupal:6.8", "cpe:/a:drupal:drupal:6.14", "cpe:/a:drupal:drupal:6.22", "cpe:/a:drupal:drupal:7.0:alpha3", "cpe:/a:drupal:drupal:6.15", "cpe:/a:drupal:drupal:7.23", "cpe:/a:drupal:drupal:7.0:alpha5", "cpe:/a:drupal:drupal:7.0:rc1", "cpe:/a:drupal:drupal:7.10", "cpe:/a:drupal:drupal:6.3", "cpe:/a:drupal:drupal:7.27", "cpe:/a:wordpress:wordpress:3.1.3", "cpe:/a:wordpress:wordpress:3.2.1", "cpe:/a:drupal:drupal:6.0:beta4", "cpe:/a:drupal:drupal:6.24", "cpe:/a:drupal:drupal:6.4", "cpe:/a:wordpress:wordpress:3.5.0", "cpe:/a:wordpress:wordpress:3.3.3", "cpe:/a:drupal:drupal:6.0:rc3", "cpe:/a:drupal:drupal:7.13", "cpe:/a:drupal:drupal:7.7", "cpe:/a:wordpress:wordpress:3.1.2", "cpe:/a:wordpress:wordpress:3.4.1", "cpe:/a:wordpress:wordpress:3.0.6", "cpe:/a:drupal:drupal:6.23", "cpe:/a:drupal:drupal:6.16", "cpe:/a:drupal:drupal:6.29", "cpe:/a:drupal:drupal:7.12", "cpe:/a:drupal:drupal:7.0:alpha7", "cpe:/a:drupal:drupal:7.0:rc4", "cpe:/a:drupal:drupal:7.26", "cpe:/a:drupal:drupal:7.0:rc3", "cpe:/a:drupal:drupal:6.12", "cpe:/a:drupal:drupal:6.32", "cpe:/a:drupal:drupal:7.0:alpha2", "cpe:/a:wordpress:wordpress:3.7", "cpe:/a:drupal:drupal:7.2", "cpe:/a:wordpress:wordpress:3.9.0", "cpe:/a:drupal:drupal:7.1", "cpe:/a:drupal:drupal:7.30", "cpe:/a:drupal:drupal:7.3", "cpe:/a:drupal:drupal:6.27", "cpe:/a:drupal:drupal:6.0:rc1", "cpe:/a:wordpress:wordpress:3.3", "cpe:/a:wordpress:wordpress:3.2", "cpe:/a:drupal:drupal:7.0:alpha6", "cpe:/a:drupal:drupal:6.20", "cpe:/a:drupal:drupal:7.29", "cpe:/a:drupal:drupal:7.17", "cpe:/a:drupal:drupal:6.31", "cpe:/a:wordpress:wordpress:3.2:beta1", "cpe:/a:drupal:drupal:6.0:rc2", "cpe:/a:drupal:drupal:6.21", "cpe:/a:wordpress:wordpress:3.0.4", "cpe:/a:drupal:drupal:7.0:beta3", "cpe:/a:drupal:drupal:6.0:beta1", "cpe:/a:drupal:drupal:7.6", "cpe:/a:wordpress:wordpress:3.3.1", "cpe:/a:drupal:drupal:7.0:alpha4", "cpe:/a:drupal:drupal:7.24", "cpe:/a:drupal:drupal:7.4", "cpe:/a:drupal:drupal:6.25", "cpe:/a:drupal:drupal:7.25", "cpe:/a:drupal:drupal:7.8", "cpe:/a:drupal:drupal:6.0:beta3", "cpe:/a:wordpress:wordpress:3.1.4", "cpe:/a:drupal:drupal:7.14", "cpe:/a:wordpress:wordpress:3.3.2", "cpe:/a:drupal:drupal:6.7", "cpe:/a:drupal:drupal:7.15", "cpe:/a:drupal:drupal:7.28", "cpe:/a:drupal:drupal:6.6", "cpe:/a:wordpress:wordpress:3.0.1", "cpe:/a:wordpress:wordpress:3.4.2", "cpe:/a:wordpress:wordpress:3.0.2", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:drupal:drupal:6.11", "cpe:/a:drupal:drupal:7.0:alpha1", "cpe:/a:wordpress:wordpress:3.5.1", "cpe:/a:drupal:drupal:6.0:beta2", "cpe:/a:wordpress:wordpress:3.4.0", "cpe:/a:drupal:drupal:7.0", "cpe:/a:drupal:drupal:7.0:beta1", "cpe:/a:drupal:drupal:7.22", "cpe:/a:drupal:drupal:6.28", "cpe:/a:drupal:drupal:6.17", "cpe:/a:drupal:drupal:6.0:dev", "cpe:/a:drupal:drupal:6.30", "cpe:/a:drupal:drupal:6.0", "cpe:/a:wordpress:wordpress:3.6.1", "cpe:/a:drupal:drupal:6.19", "cpe:/a:wordpress:wordpress:3.9.1", "cpe:/a:drupal:drupal:6.13", "cpe:/a:wordpress:wordpress:3.1", "cpe:/a:wordpress:wordpress:3.8", "cpe:/a:wordpress:wordpress:3.0.5", "cpe:/a:drupal:drupal:6.26"], "edition": 1, "description": "The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.", "references": ["https://www.drupal.org/SA-CORE-2014-004", "http://www.debian.org/security/2014/dsa-2999", "https://core.trac.wordpress.org/changeset/29404", "http://www.debian.org/security/2014/dsa-3001", "http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830", "https://wordpress.org/news/2014/08/wordpress-3-9-2/"], "lastseen": "2016-09-03T20:48:48", "assessment": {"system": "", "name": "", "href": ""}}
{"nessus": [{"lastseen": "2019-01-16T20:19:34", "references": ["https://www.drupal.org/SA-CORE-2014-004", "https://www.drupal.org/drupal-6.33-release-notes", "https://www.drupal.org/project/drupal/releases/7.31"], "pluginID": "77186", "description": "The remote web server is running a version of Drupal that is 6.x prior\nto 6.33 or 7.x prior to 7.31. It is, therefore, potentially affected\nby multiple denial of service vulnerabilities :\n\n - The XML-RPC library in Drupal allows entity declarations\n without considering recursion during entity expansion.\n A remote attacker, using a crafted XML document with a\n large number of nested entity references, can cause a\n denial of service by consuming available memory and CPU\n resources. (CVE-2014-5265)\n\n - The XML-RPC library in Drupal does not limit the number\n of elements in an XML document. A remote attacker, via\n a large document, could cause a denial of service by CPU\n consumption. (CVE-2014-5266)\n\n - An XML injection flaw exists in 'xmlrpc.php' due to the\n parser accepting XML internal entities from untrusted\n sources. A remote attacker, via specially crafted XML\n data, could exploit this to cause a denial of service.\n This vulnerability also exists within the Drupal OpenID\n module.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 8, "reporter": "Tenable", "published": "2014-08-13T00:00:00", "title": "Drupal 6.x < 6.33 / 7.x < 7.31 XML-RPC DoS", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CGI abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_7_31.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77186", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77186);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/15 20:50:16\");\n\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\");\n script_bugtraq_id(69146);\n\n script_name(english:\"Drupal 6.x < 6.33 / 7.x < 7.31 XML-RPC DoS\");\n script_summary(english:\"Checks the version of Drupal.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is running a PHP application that is affected by\ndenial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote web server is running a version of Drupal that is 6.x prior\nto 6.33 or 7.x prior to 7.31. It is, therefore, potentially affected\nby multiple denial of service vulnerabilities :\n\n - The XML-RPC library in Drupal allows entity declarations\n without considering recursion during entity expansion.\n A remote attacker, using a crafted XML document with a\n large number of nested entity references, can cause a\n denial of service by consuming available memory and CPU\n resources. (CVE-2014-5265)\n\n - The XML-RPC library in Drupal does not limit the number\n of elements in an XML document. A remote attacker, via\n a large document, could cause a denial of service by CPU\n consumption. (CVE-2014-5266)\n\n - An XML injection flaw exists in 'xmlrpc.php' due to the\n parser accepting XML internal entities from untrusted\n sources. A remote attacker, via specially crafted XML\n data, could exploit this to cause a denial of service.\n This vulnerability also exists within the Drupal OpenID\n module.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/SA-CORE-2014-004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.31\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/drupal-6.33-release-notes\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to version 6.33 / 7.31 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/13\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Drupal\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nversion = install['version'];\nurl = build_url(qs:dir, port:port);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nfix = NULL;\n\nif (version =~ \"^6\\.([0-9]|[1-2][0-9]|3[0-2])($|[^0-9]+)\") fix = '6.33';\nelse if (version =~ \"^7\\.([0-9]|[1-2][0-9]|30)($|[^0-9]+)\") fix = '7.31';\n\nif (fix)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, url, version);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:36", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1127538", "https://www.drupal.org/project/drupal/releases/7.30", "http://www.nessus.org/u?c42acdb8"], "pluginID": "77314", "description": "Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix\nrelease. For complete details, refer to:\nhttps://www.drupal.org/drupal-7.30-release-notes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2014-08-22T00:00:00", "title": "Fedora 20 : drupal7-7.31-1.fc20 (2014-9278)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-12-24T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:drupal7"], "id": "FEDORA_2014-9278.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77314", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9278.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77314);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/12/24 10:14:27\");\n\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_bugtraq_id(69146);\n script_xref(name:\"FEDORA\", value:\"2014-9278\");\n\n script_name(english:\"Fedora 20 : drupal7-7.31-1.fc20 (2014-9278)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix\nrelease. For complete details, refer to:\nhttps://www.drupal.org/drupal-7.30-release-notes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1127538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136894.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c42acdb8\"\n );\n # https://www.drupal.org/drupal-7.30-release-notes\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/project/drupal/releases/7.30\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"drupal7-7.31-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:36", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1127538", "https://www.drupal.org/project/drupal/releases/7.30", "http://www.nessus.org/u?fb10ce01"], "pluginID": "77313", "description": "Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix\nrelease. For complete details refer to:\nhttps://www.drupal.org/drupal-7.30-release-notes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2014-08-22T00:00:00", "title": "Fedora 19 : drupal7-7.31-1.fc19 (2014-9277)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-12-24T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:drupal7"], "id": "FEDORA_2014-9277.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77313", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9277.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77313);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/12/24 10:14:27\");\n\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_bugtraq_id(69146);\n script_xref(name:\"FEDORA\", value:\"2014-9277\");\n\n script_name(english:\"Fedora 19 : drupal7-7.31-1.fc19 (2014-9277)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix\nrelease. For complete details refer to:\nhttps://www.drupal.org/drupal-7.30-release-notes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1127538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136875.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fb10ce01\"\n );\n # https://www.drupal.org/drupal-7.30-release-notes\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/project/drupal/releases/7.30\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"drupal7-7.31-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:32", "references": ["https://packages.debian.org/source/wheezy/drupal7", "https://www.debian.org/security/2014/dsa-2999", "http://www.nessus.org/u?1de16175"], "pluginID": "77100", "description": "A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to\nthe site becoming unavailable or unresponsive. More information can be\nfound at https://www.drupal.org/SA-CORE-2014-004.", "edition": 7, "reporter": "Tenable", "published": "2014-08-10T00:00:00", "title": "Debian DSA-2999-1 : drupal7 - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-12-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2999.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77100", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2999. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77100);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_bugtraq_id(69146);\n script_xref(name:\"DSA\", value:\"2999\");\n\n script_name(english:\"Debian DSA-2999-1 : drupal7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to\nthe site becoming unavailable or unresponsive. More information can be\nfound at https://www.drupal.org/SA-CORE-2014-004.\"\n );\n # https://www.drupal.org/SA-CORE-2014-004\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1de16175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2999\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the drupal7 packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.14-2+deb7u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"drupal7\", reference:\"7.14-2+deb7u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:46", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1127538", "http://www.nessus.org/u?03b2f056", "https://www.drupal.org/drupal-6.33-release-notes."], "pluginID": "77948", "description": "- Update to Drupal 6.33.\n\n - Drupal 6.33 release notes can be found here,\n https://www.drupal.org/drupal-6.33-release-notes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2014-09-29T00:00:00", "title": "Fedora 20 : drupal6-6.33-1.fc20 (2014-9281)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2015-10-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:drupal6"], "id": "FEDORA_2014-9281.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77948", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9281.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77948);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:49:03 $\");\n\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_bugtraq_id(69146);\n script_xref(name:\"FEDORA\", value:\"2014-9281\");\n\n script_name(english:\"Fedora 20 : drupal6-6.33-1.fc20 (2014-9281)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to Drupal 6.33.\n\n - Drupal 6.33 release notes can be found here,\n https://www.drupal.org/drupal-6.33-release-notes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1127538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?03b2f056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/drupal-6.33-release-notes.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"drupal6-6.33-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal6\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:32", "references": ["https://www.debian.org/security/2014/dsa-3001", "https://packages.debian.org/source/wheezy/wordpress", "https://wordpress.org/news/2014/08/wordpress-3-9-2/"], "pluginID": "77102", "description": "Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure. More information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/.", "edition": 7, "reporter": "Tenable", "published": "2014-08-10T00:00:00", "title": "Debian DSA-3001-1 : wordpress - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2053", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3001.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77102", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3001. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77102);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2014-2053\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_bugtraq_id(69096);\n script_xref(name:\"DSA\", value:\"3001\");\n\n script_name(english:\"Debian DSA-3001-1 : wordpress - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure. More information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2014/08/wordpress-3-9-2/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3001\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.6.1+dfsg-1~deb7u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:36", "references": ["http://www.nessus.org/u?5160d953", "https://bugzilla.redhat.com/show_bug.cgi?id=1127547", "https://wordpress.org/news/2014/08/wordpress-3-9-2/", "https://bugzilla.redhat.com/show_bug.cgi?id=1129750"], "pluginID": "77347", "description": "Upstream announcement:\nhttp://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2014-08-23T00:00:00", "title": "Fedora 19 : wordpress-3.9.2-3.fc19 (2014-9270)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5203", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-12-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:wordpress"], "id": "FEDORA_2014-9270.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77347", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9270.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77347);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/12/05 20:31:22\");\n\n script_cve_id(\"CVE-2014-5203\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_bugtraq_id(69096, 69146);\n script_xref(name:\"FEDORA\", value:\"2014-9270\");\n\n script_name(english:\"Fedora 19 : wordpress-3.9.2-3.fc19 (2014-9270)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream announcement:\nhttp://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://wordpress.org/news/2014/08/wordpress-3-9-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2014/08/wordpress-3-9-2/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1127547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129750\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136942.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5160d953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"wordpress-3.9.2-3.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:21:08", "references": ["https://packages.debian.org/source/squeeze-lts/wordpress", "https://lists.debian.org/debian-lts-announce/2014/09/msg00013.html", "https://wordpress.org/news/2014/08/wordpress-3-9-2/"], "pluginID": "82202", "description": "Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure.\n\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2015-03-26T00:00:00", "title": "Debian DLA-56-1 : wordpress security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2053", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-07-06T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:wordpress", "p-cpe:/a:debian:debian_linux:wordpress-l10n"], "id": "DEBIAN_DLA-56.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82202", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-56-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82202);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2014-2053\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_bugtraq_id(66225, 69096, 69146);\n\n script_name(english:\"Debian DLA-56-1 : wordpress security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure.\n\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/09/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2014/08/wordpress-3-9-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected wordpress, and wordpress-l10n packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb6u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:36", "references": ["http://www.nessus.org/u?73625ed0", "https://bugzilla.redhat.com/show_bug.cgi?id=1127547", "https://wordpress.org/news/2014/08/wordpress-3-9-2/", "https://bugzilla.redhat.com/show_bug.cgi?id=1129750"], "pluginID": "77312", "description": "Upstream announcement:\nhttp://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2014-08-22T00:00:00", "title": "Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5203", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wordpress", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77312", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9264.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77312);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/12/05 20:31:22\");\n\n script_cve_id(\"CVE-2014-5203\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_bugtraq_id(69096, 69146);\n script_xref(name:\"FEDORA\", value:\"2014-9264\");\n\n script_name(english:\"Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream announcement:\nhttp://wordpress.org/news/2014/08/wordpress-3-9-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://wordpress.org/news/2014/08/wordpress-3-9-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2014/08/wordpress-3-9-2/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1127547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129750\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136891.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73625ed0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"wordpress-3.9.2-3.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:33", "references": ["https://core.trac.wordpress.org/changeset/29384", "https://core.trac.wordpress.org/changeset/29408", "https://core.trac.wordpress.org/changeset/29390", "https://core.trac.wordpress.org/changeset/29389", "https://seclists.org/oss-sec/2014/q3/301", "https://core.trac.wordpress.org/changeset/29398", "https://codex.wordpress.org/Version_3.9.2", "https://core.trac.wordpress.org/changeset/29405/branches/3.9", "https://wordpress.org/news/2014/08/wordpress-3-9-2/"], "pluginID": "77157", "description": "According to its version number, the WordPress application hosted on\nthe remote web server is affected by multiple vulnerabilities :\n\n - An XML injection flaw exists within 'getid3.lib.php'\n due to the parser accepting XML external entities\n from untrusted sources. Using specially crafted XML\n data, a remote attacker could access sensitive\n information or cause a denial of service. This affects\n versions 3.6 - 3.9.1, except 3.7.4 and 3.8.4.\n\n - An XML injection flaw exists within 'xmlrpc.php' due to\n the parser accepting XML internal entities without\n properly validating them. Using specially crafted XML\n data, a remote attacker could cause a denial of service.\n This affects versions 1.5 - 3.9.1, except 3.7.4 and\n 3.8.4.\n\n - An unsafe serialization flaw exists in the script\n '/src/wp-includes/class-wp-customize-widgets.php' when\n processing widgets. This could allow a remote attacker\n to execute arbitrary code. Versions 3.9 and 3.9.1\n non-default configurations are affected.\n\n - A flaw exists when building CSRF tokens due to it not\n separating pieces by delimiter and not comparing nonces\n in a time-constant manner. This could allow a remote\n attacker to conduct a brute force attack and potentially\n disclose the CSRF token. This affects versions 2.0.3 -\n 3.9.1, except 3.7.4 and 3.8.4.\n\n - A cross-site scripting flaw exists in the function\n 'get_avatar' within the '/src/wp-includes/pluggable.php'\n script where input from the avatars is not validated\n before returning it to the user. Using a specially\n crafted request, an authenticated attacker could execute\n arbitrary script code within the browser / server trust\n relationship. This affects version 3.9.1.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 8, "reporter": "Tenable", "published": "2014-08-12T00:00:00", "title": "WordPress < 3.7.4 / 3.8.4 / 3.9.2 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "CGI abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2053", "CVE-2014-5203", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:wordpress:wordpress"], "id": "WORDPRESS_3_9_2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77157", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77157);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/15 20:50:19\");\n\n script_cve_id(\n \"CVE-2014-2053\",\n \"CVE-2014-5203\",\n \"CVE-2014-5204\",\n \"CVE-2014-5205\",\n \"CVE-2014-5240\",\n \"CVE-2014-5265\",\n \"CVE-2014-5266\"\n );\n script_bugtraq_id(69096);\n\n script_name(english:\"WordPress < 3.7.4 / 3.8.4 / 3.9.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of WordPress.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the WordPress application hosted on\nthe remote web server is affected by multiple vulnerabilities :\n\n - An XML injection flaw exists within 'getid3.lib.php'\n due to the parser accepting XML external entities\n from untrusted sources. Using specially crafted XML\n data, a remote attacker could access sensitive\n information or cause a denial of service. This affects\n versions 3.6 - 3.9.1, except 3.7.4 and 3.8.4.\n\n - An XML injection flaw exists within 'xmlrpc.php' due to\n the parser accepting XML internal entities without\n properly validating them. Using specially crafted XML\n data, a remote attacker could cause a denial of service.\n This affects versions 1.5 - 3.9.1, except 3.7.4 and\n 3.8.4.\n\n - An unsafe serialization flaw exists in the script\n '/src/wp-includes/class-wp-customize-widgets.php' when\n processing widgets. This could allow a remote attacker\n to execute arbitrary code. Versions 3.9 and 3.9.1\n non-default configurations are affected.\n\n - A flaw exists when building CSRF tokens due to it not\n separating pieces by delimiter and not comparing nonces\n in a time-constant manner. This could allow a remote\n attacker to conduct a brute force attack and potentially\n disclose the CSRF token. This affects versions 2.0.3 -\n 3.9.1, except 3.7.4 and 3.8.4.\n\n - A cross-site scripting flaw exists in the function\n 'get_avatar' within the '/src/wp-includes/pluggable.php'\n script where input from the avatars is not validated\n before returning it to the user. Using a specially\n crafted request, an authenticated attacker could execute\n arbitrary script code within the browser / server trust\n relationship. This affects version 3.9.1.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/news/2014/08/wordpress-3-9-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.9.2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/oss-sec/2014/q3/301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29405/branches/3.9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29408\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.trac.wordpress.org/changeset/29398\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to WordPress 3.7.4 / 3.8.4 / 3.9.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/12\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wordpress_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/WordPress\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"WordPress\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nversion = install['version'];\ninstall_url = build_url(port:port, qs:dir);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nver = split(version, sep:\".\", keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Versions 1.5 < 3.7.4 / 3.8.4 / 3.9.2 are vulnerable\nif (\n (ver[0] == 1 && ver[1] >= 5) ||\n (ver[0] == 2) ||\n (ver[0] == 3 && ver[1] <= 6) ||\n (ver[0] == 3 && ver[1] == 7 && ver[2] < 4) ||\n (ver[0] == 3 && ver[1] == 8 && ver[2] < 4) ||\n (ver[0] == 3 && ver[1] == 9 && ver[2] < 2)\n)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +version+\n '\\n Fixed version : 3.7.4 / 3.8.4 / 3.9.2\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:53:40", "references": ["http://www.debian.org/security/2014/dsa-2999.html"], "pluginID": "1361412562310702999", "description": "A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to the\nsite becoming unavailable or unresponsive. More information can be found\nat https://www.drupal.org/SA-CORE-2014-004 \n.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-08-09T00:00:00", "title": "Debian Security Advisory DSA 2999-1 (drupal7 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310702999", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702999", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2999.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 2999-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"drupal7 on Debian Linux\";\ntag_insight = \"Drupal is a dynamic web site platform which allows an individual or\ncommunity of users to publish, manage and organize a variety of\ncontent, Drupal integrates many popular features of content\nmanagement systems, weblogs, collaborative tools and discussion-based\ncommunity software into one easy-to-use package.\";\ntag_solution = \"For the stable distribution (wheezy), this problem has been fixed in\nversion 7.14-2+deb7u6.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 7.31-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.31-1.\n\nWe recommend that you upgrade your drupal7 packages.\";\ntag_summary = \"A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to the\nsite becoming unavailable or unresponsive. More information can be found\nat https://www.drupal.org/SA-CORE-2014-004 \n.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702999\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_name(\"Debian Security Advisory DSA 2999-1 (drupal7 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-09 00:00:00 +0200 (Sat, 09 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2999.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-28T15:25:29", "references": ["http://www.debian.org/security/2014/dsa-2999.html"], "pluginID": "702999", "description": "A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to the\nsite becoming unavailable or unresponsive. More information can be found\nat https://www.drupal.org/SA-CORE-2014-004 \n.", "edition": 4, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-08-09T00:00:00", "title": "Debian Security Advisory DSA 2999-1 (drupal7 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-02-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702999", "id": "OPENVAS:702999", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2999.nasl 8972 2018-02-28 07:02:10Z cfischer $\n# Auto-generated from advisory DSA 2999-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"drupal7 on Debian Linux\";\ntag_insight = \"Drupal is a dynamic web site platform which allows an individual or\ncommunity of users to publish, manage and organize a variety of\ncontent, Drupal integrates many popular features of content\nmanagement systems, weblogs, collaborative tools and discussion-based\ncommunity software into one easy-to-use package.\";\ntag_solution = \"For the stable distribution (wheezy), this problem has been fixed in\nversion 7.14-2+deb7u6.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 7.31-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.31-1.\n\nWe recommend that you upgrade your drupal7 packages.\";\ntag_summary = \"A denial of service vulnerability was discovered in Drupal, a\nfully-featured content management framework. A remote attacker could\nexploit this flaw to cause CPU and memory exhaustion and the site's\ndatabase to reach the maximum number of open connections, leading to the\nsite becoming unavailable or unresponsive. More information can be found\nat https://www.drupal.org/SA-CORE-2014-004 \n.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702999);\n script_version(\"$Revision: 8972 $\");\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_name(\"Debian Security Advisory DSA 2999-1 (drupal7 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-02-28 08:02:10 +0100 (Wed, 28 Feb 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-09 00:00:00 +0200 (Sat, 09 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2999.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u6\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:51", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136875.html", "2014-9277"], "pluginID": "1361412562310868109", "description": "Check for the Version of drupal7", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-08-22T00:00:00", "title": "Fedora Update for drupal7 FEDORA-2014-9277", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310868109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868109", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2014-9277\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868109\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-22 05:56:40 +0200 (Fri, 22 Aug 2014)\");\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for drupal7 FEDORA-2014-9277\");\n\n tag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\n\";\n\n tag_affected = \"drupal7 on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-9277\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136875.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.31~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:55:08", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136894.html", "2014-9278"], "pluginID": "1361412562310868110", "description": "Check for the Version of drupal7", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-08-22T00:00:00", "title": "Fedora Update for drupal7 FEDORA-2014-9278", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310868110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2014-9278\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868110\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-22 05:56:42 +0200 (Fri, 22 Aug 2014)\");\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for drupal7 FEDORA-2014-9278\");\n\n tag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\n\";\n\n tag_affected = \"drupal7 on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-9278\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136894.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.31~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:26", "references": ["2014-9281", "https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138698.html"], "pluginID": "1361412562310868210", "description": "Check for the Version of drupal6", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-10-01T00:00:00", "title": "Fedora Update for drupal6 FEDORA-2014-9281", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5267", "CVE-2014-5265", "CVE-2014-5266"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310868210", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868210", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal6 FEDORA-2014-9281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868210\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:05 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5267\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for drupal6 FEDORA-2014-9281\");\n script_tag(name: \"insight\", value: \"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\n\");\n script_tag(name: \"affected\", value: \"drupal6 on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name: \"FEDORA\", value: \"2014-9281\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138698.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of drupal6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal6\", rpm:\"drupal6~6.33~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-28T15:24:45", "references": ["http://www.debian.org/security/2014/dsa-3001.html"], "pluginID": "703001", "description": "Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information disclosure.\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/ \n.", "edition": 4, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-08-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 3001-1 (wordpress - security update)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2053", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-02-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703001", "id": "OPENVAS:703001", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3001.nasl 8972 2018-02-28 07:02:10Z cfischer $\n# Auto-generated from advisory DSA 3001-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"wordpress on Debian Linux\";\ntag_insight = \"WordPress is a full featured web blogging tool:\n\n* Instant publishing (no rebuilding)\n* Comment pingback support with spam protection\n* Non-crufty URLs\n* Themable\n* Plugin support\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.6.1+dfsg-1~deb7u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.9.2+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\";\ntag_summary = \"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information disclosure.\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/ \n.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(703001);\n script_version(\"$Revision: 8972 $\");\n script_cve_id(\"CVE-2014-2053\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_name(\"Debian Security Advisory DSA 3001-1 (wordpress - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-02-28 08:02:10 +0100 (Wed, 28 Feb 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-09 00:00:00 +0200 (Sat, 09 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3001.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:55", "references": ["http://www.debian.org/security/2014/dsa-3001.html"], "pluginID": "1361412562310703001", "description": "Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information disclosure.\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/ \n.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-08-09T00:00:00", "title": "Debian Security Advisory DSA 3001-1 (wordpress - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2053", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703001", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3001.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 3001-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"wordpress on Debian Linux\";\ntag_insight = \"WordPress is a full featured web blogging tool:\n\n* Instant publishing (no rebuilding)\n* Comment pingback support with spam protection\n* Non-crufty URLs\n* Themable\n* Plugin support\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.6.1+dfsg-1~deb7u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.9.2+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\";\ntag_summary = \"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information disclosure.\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/ \n.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703001\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2014-2053\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\", \"CVE-2014-5265\", \"CVE-2014-5266\");\n script_name(\"Debian Security Advisory DSA 3001-1 (wordpress - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-09 00:00:00 +0200 (Sat, 09 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3001.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:35", "references": ["2014-9264", "https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136891.html"], "pluginID": "1361412562310868108", "description": "Check for the Version of wordpress", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-08-22T00:00:00", "title": "Fedora Update for wordpress FEDORA-2014-9264", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5203", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-0166", "CVE-2014-5240", "CVE-2014-0165"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310868108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868108", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2014-9264\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868108\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-22 05:56:27 +0200 (Fri, 22 Aug 2014)\");\n script_cve_id(\"CVE-2014-0165\", \"CVE-2014-0166\", \"CVE-2014-5265\", \"CVE-2014-5266\",\n \"CVE-2014-5203\", \"CVE-2014-5204\", \"CVE-2014-5205\", \"CVE-2014-5240\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for wordpress FEDORA-2014-9264\");\n\n tag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\nalmost trivial, to get information out to people on the web.\n\nImportant information in /usr/share/doc/wordpress/README.fedora\n\";\n\n tag_affected = \"wordpress on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-9264\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136891.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.9.2~3.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:09", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136942.html", "2014-9270"], "pluginID": "1361412562310868115", "description": "Check for the Version of wordpress", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-08-23T00:00:00", "title": "Fedora Update for wordpress FEDORA-2014-9270", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2014-5203", "CVE-2014-5204", "CVE-2013-4339", "CVE-2013-2201", "CVE-2013-2199", "CVE-2014-5205", "CVE-2013-4340", "CVE-2013-2203", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-0166", "CVE-2014-5240", "CVE-2013-2202", "CVE-2013-4338", "CVE-2013-2200", "CVE-2014-0165", "CVE-2013-2204"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310868115", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2014-9270\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868115\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-23 05:55:04 +0200 (Sat, 23 Aug 2014)\");\n script_cve_id(\"CVE-2014-0165\", \"CVE-2014-0166\", \"CVE-2013-4338\", \"CVE-2013-4339\",\n \"CVE-2013-4340\", \"CVE-2013-2173\", \"CVE-2013-2199\", \"CVE-2013-2200\",\n \"CVE-2013-2201\", \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-2204\",\n \"CVE-2014-5265\", \"CVE-2014-5266\", \"CVE-2014-5203\", \"CVE-2014-5204\",\n \"CVE-2014-5205\", \"CVE-2014-5240\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for wordpress FEDORA-2014-9270\");\n\n tag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\nalmost trivial, to get information out to people on the web.\n\nImportant information in /usr/share/doc/wordpress-3.9.2/README.fedora\n\";\n\n tag_affected = \"wordpress on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-9270\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136942.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.9.2~3.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "drupal": [{"lastseen": "2018-06-14T20:24:15", "_object_types": ["robots.models.drupal.DrupalBulletin", "robots.models.base.Bulletin"], "references": ["https://www.drupal.org/user/27985", "http://drupal.org/writing-secure-code", "http://drupal.org/contact", "http://drupal.org/security/secure-configuration", "https://www.drupal.org/user/52142", "http://openwall.com/lists/oss-security/2014/08/16/4", "https://www.drupal.org/user/22211", "https://www.drupal.org/user/124982", "https://www.drupal.org/user/53892", "http://profiles.wordpress.org/mdawaffe", "http://drupal.org/drupal-6.33-release-notes", "http://profiles.wordpress.org/nacin", "http://drupal.org/project/drupal", "http://drupal.org/drupal-7.31-release-notes", "https://www.drupal.org/user/1867894", "http://drupal.org/security-team/risk-levels", "http://wordpress.org", "https://www.drupal.org/u/greggles", "https://wordpress.org/news/2014/08/wordpress-3-9-2/", "http://drupal.org/security-team", "https://www.drupal.org/user/2891345"], "description": "Drupal 6 and Drupal 7 include an XML-RPC endpoint which is publicly available (xmlrpc.php). The PHP XML parser used by this XML-RPC endpoint is vulnerable to an XML entity expansion attack and other related XML payload attacks which can cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections. Any of these may lead to the site becoming unavailable or unresponsive (denial of service).\n\nAll Drupal sites are vulnerable to this attack whether XML-RPC is used or not.\n\nIn addition, a similar vulnerability exists in the core OpenID module (for sites that have this module enabled).\n\nThis is a joint release as the XML-RPC vulnerability also affects WordPress (see the [announcement](<https://wordpress.org/news/2014/08/wordpress-3-9-2/>)).\n\n## CVE identifier(s) issued\n\n * _CVE-2014-5265_ [has been issued](<http://openwall.com/lists/oss-security/2014/08/16/4>) for the code changes in xmlrpc.inc which prevent entity declarations and therefore address the \"vulnerable to an XML entity expansion attack ... can cause CPU and memory exhaustion\" concern.\n * _CVE-2014-5266_ [has been issued](<http://openwall.com/lists/oss-security/2014/08/16/4>) for the \"Skip parsing if there is an unreasonably large number of tags\" in both xmlrpc.inc and xrds.inc.\n * _CVE-2014-5267_ [has been issued](<http://openwall.com/lists/oss-security/2014/08/16/4>) for the code change to reject any XRDS document with a /<!DOCTYPE/i match.\n\n## Versions affected\n\n * Drupal core 7.x versions prior to 7.31.\n * Drupal core 6.x versions prior to 6.33.\n\n## Solution\n\nInstall the latest version:\n\n * If you use Drupal 7.x, upgrade to [Drupal core 7.31](<http://drupal.org/drupal-7.31-release-notes>).\n * If you use Drupal 6.x, upgrade to [Drupal core 6.33](<http://drupal.org/drupal-6.33-release-notes>).\n\nIf you are unable to install the latest version of Drupal immediately, you can alternatively remove the xmlrpc.php file from the root of Drupal core (or add a rule to .htaccess to prevent access to xmlrpc.php) and disable the OpenID module. These steps are sufficient to mitigate the vulnerability in Drupal core if your site does not require the use of XML-RPC or OpenID functionality. However, this mitigation will not be effective if you are using a contributed module that exposes Drupal's XML-RPC API at a different URL (for example, the Services module); updating Drupal core is therefore strongly recommended.\n\nAlso see the [Drupal core](<http://drupal.org/project/drupal>) project page.\n\n## Reported by\n\n * [Willis Vandevanter](<https://www.drupal.org/user/1867894>)\n * [Nir Goldshlager](<https://www.drupal.org/user/2891345>)\n\n## Fixed by\n\n * [Andrew Nacin](<http://profiles.wordpress.org/nacin>) of the WordPress Security Team\n * [Michael Adams](<http://profiles.wordpress.org/mdawaffe>) of the WordPress Security Team\n * [Fr\u00e9d\u00e9ric Marand](<https://www.drupal.org/user/27985>)\n * [David Rothstein](<https://www.drupal.org/user/124982>) of the Drupal Security Team\n * [Damien Tournoud](<https://www.drupal.org/user/22211>) of the Drupal Security Team\n * [Greg Knaddison](<https://www.drupal.org/u/greggles>) of the Drupal Security Team\n * [St\u00e9phane Corlosquet](<https://www.drupal.org/user/52142>) of the Drupal Security Team\n * [Dave Reid](<https://www.drupal.org/user/53892>) of the Drupal Security Team\n\n## Coordinated by\n\n * The [Drupal Security Team](<http://drupal.org/security-team>) and the [WordPress](<http://wordpress.org>) Security Team\n", "reporter": "Drupal Security Team", "published": "2014-08-06T00:00:00", "type": "drupal", "title": "SA-CORE-2014-004 - Drupal core - Denial of service\n", "enchantments": {"score": {"modified": "2018-06-14T20:24:15", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Drupal", "version": "7.31", "operator": "lt"}, {"name": "Drupal", "version": "6.33", "operator": "lt"}], "cvelist": ["CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5267"], "_object_type": "robots.models.drupal.DrupalBulletin", "modified": "2014-08-06T00:00:00", "id": "DRUPAL-SA-CORE-2014-004", "href": "https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2014-08-06/sa-core-2014-004-drupal-core-denial", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:11", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "3.6.1+dfsg-1~deb6u5", "arch": "all", "packageFilename": "wordpress_3.6.1+dfsg-1~deb6u5_all.deb", "packageName": "wordpress", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "3.6.1+dfsg-1~deb6u5", "arch": "all", "packageFilename": "wordpress-l10n_3.6.1+dfsg-1~deb6u5_all.deb", "packageName": "wordpress-l10n", "operator": "lt"}], "description": "Package : wordpress\nVersion : 3.6.1+dfsg-1~deb6u5\nCVE ID : CVE-2014-2053 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240 \n CVE-2014-5265 CVE-2014-5266\n\nMultiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information disclosure.\n\nMore information can be found in the upstream advisory at\nhttps://wordpress.org/news/2014/08/wordpress-3-9-2/\n", "edition": 1, "reporter": "Debian", "published": "2014-09-17T12:05:46", "title": "[SECURITY] [DLA 56-1] wordpress security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:11", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-2053", "CVE-2014-5204", "CVE-2014-5205", "CVE-2014-5265", "CVE-2014-5266", "CVE-2014-5240"], "modified": "2014-09-17T12:05:46", "id": "DEBIAN:DLA-56-1:0CE5A", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201409/msg00013.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
