DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2015-3415", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2015-3415", "description": "The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.", "published": "2015-04-24T17:59:00", "modified": "2022-08-16T13:33:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3415", "reporter": "cve@mitre.org", "references": ["https://www.sqlite.org/src/info/02e3c88fbf6abdcf3975fb0fb71972b0ab30da30", "http://seclists.org/fulldisclosure/2015/Apr/31", "http://www.debian.org/security/2015/dsa-3252", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:217", "http://www.ubuntu.com/usn/USN-2698-1", "https://support.apple.com/HT205267", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html", "https://support.apple.com/HT205213", "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "http://www.securitytracker.com/id/1033703", "https://security.gentoo.org/glsa/201507-05", "http://rhn.redhat.com/errata/RHSA-2015-1635.html", "http://www.securityfocus.com/bid/74228", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"], "cvelist": ["CVE-2015-3415"], "immutableFields": [], "lastseen": "2022-08-16T17:31:28", "viewCount": 130, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-561", "ALAS-2015-562", "ALAS-2015-563", "ALAS-2015-591"]}, {"type": "apple", "idList": ["APPLE:198F1AB81F91F2CEB090B4B4D49C57AD", "APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754", "APPLE:HT207598", "APPLE:HT207599"]}, {"type": "centos", "idList": ["CESA-2015:1635"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3252-1:580AD"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-3415"]}, {"type": "f5", "idList": ["F5:K37236006", "SOL37236006"]}, {"type": "freebsd", "idList": ["DEC3164F-3121-45EF-AF18-BB113AC5082F"]}, {"type": "gentoo", "idList": ["GLSA-201507-05"]}, {"type": "kaspersky", "idList": ["KLA10565"]}, {"type": "mageia", "idList": ["MGASA-2015-0234"]}, {"type": "nessus", "idList": ["8787.PRM", "8979.PRM", "8982.PRM", "ALA_ALAS-2015-561.NASL", "ALA_ALAS-2015-562.NASL", "ALA_ALAS-2015-563.NASL", "ALA_ALAS-2015-591.NASL", "CENTOS_RHSA-2015-1635.NASL", "DEBIAN_DSA-3252.NASL", "EULEROS_SA-2019-1425.NASL", "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "GENTOO_GLSA-201507-05.NASL", "ITUNES_12_6.NASL", "ITUNES_12_6_BANNER.NASL", "MACOSX_10_11.NASL", "MACOS_ITUNES_12_6.NASL", "MANDRIVA_MDVSA-2015-217.NASL", "OPENSUSE-2021-1058.NASL", "OPENSUSE-2021-2320.NASL", "ORACLELINUX_ELSA-2015-1635.NASL", "PFSENSE_SA-15_06.NASL", "PHP_5_4_42.NASL", "PHP_5_5_26.NASL", "PHP_5_6_10.NASL", "REDHAT-RHSA-2015-1635.NASL", "SLACKWARE_SSA_2015-198-02.NASL", "SL_20150817_SQLITE_ON_SL7_X.NASL", "SUSE_SU-2021-2320-1.NASL", "SUSE_SU-2021-3215-1.NASL", "UBUNTU_USN-2698-1.NASL", "WEB_APPLICATION_SCANNING_98802"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120091", "OPENVAS:1361412562310120105", "OPENVAS:1361412562310120107", "OPENVAS:1361412562310120108", "OPENVAS:1361412562310121386", "OPENVAS:1361412562310123027", "OPENVAS:1361412562310703252", "OPENVAS:1361412562310810724", "OPENVAS:1361412562310810725", "OPENVAS:1361412562310842395", "OPENVAS:1361412562310871431", "OPENVAS:1361412562310882248", "OPENVAS:1361412562311220191425", "OPENVAS:703252"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1635"]}, {"type": "osv", "idList": ["OSV:DSA-3252-1"]}, {"type": "redhat", "idList": ["RHSA-2015:1635"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31989", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:VULN:14389", "SECURITYVULNS:VULN:14702"]}, {"type": "slackware", "idList": ["SSA-2015-198-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:2320-1"]}, {"type": "ubuntu", "idList": ["USN-2698-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-3415", "UB:CVE-2015-6607"]}]}, "score": {"value": 6.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2015-561"]}, {"type": "apple", "idList": ["APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754"]}, {"type": "centos", "idList": ["CESA-2015:1635"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3252-1:580AD"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-3415"]}, {"type": "f5", "idList": ["F5:K37236006"]}, {"type": "freebsd", "idList": ["DEC3164F-3121-45EF-AF18-BB113AC5082F"]}, {"type": "kaspersky", "idList": ["KLA10565"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-591.NASL", "EULEROS_SA-2019-1425.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121386"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018-4258247"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31989"]}, {"type": "slackware", "idList": ["SSA-2015-198-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:2320-1"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "apple watchos", "version": 1}, {"name": "apple mac os x", "version": 10}, {"name": "debian debian linux", "version": 8}, {"name": "canonical ubuntu linux", "version": 12}, {"name": "canonical ubuntu linux", "version": 14}, {"name": "canonical ubuntu linux", "version": 15}, {"name": "sqlite", "version": 3}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}]}, "vulnersScore": 6.0}, "_state": {"dependencies": 1660671123, "score": 1660671121, "affected_software_major_version": 1671564763}, "_internal": {"dependencies_hash": "dfc830d47e5c2f5825c35da1f083afb3", "score_hash": "7eef3bb1863f4a48065612ce61092347"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:sqlite:sqlite:3.8.8.3", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:apple:watchos:1.0.1", "cpe:/o:apple:mac_os_x:10.10.5"], "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:sqlite:sqlite:3.8.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:apple:watchos:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"], "cwe": ["CWE-404"], "affectedSoftware": [{"cpeName": "apple:watchos", "version": "1.0.1", "operator": "eq", "name": "apple watchos"}, {"cpeName": "apple:mac_os_x", "version": "10.10.5", "operator": "eq", "name": "apple mac os x"}, {"cpeName": "debian:debian_linux", "version": "8.0", "operator": "eq", "name": "debian debian linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "12.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "14.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "15.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "sqlite:sqlite", "version": "3.8.8.3", "operator": "le", "name": "sqlite"}, {"cpeName": "php:php", "version": "5.5.26", "operator": "lt", "name": "php"}, {"cpeName": "php:php", "version": "5.6.10", "operator": "lt", "name": "php"}, {"cpeName": "php:php", "version": "5.4.42", "operator": "lt", "name": "php"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:watchos:1.0.1:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sqlite:sqlite:3.8.8.3:*:*:*:*:*:*:*", "versionEndIncluding": "3.8.8.3", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*", "versionStartIncluding": "5.5.0", "versionEndExcluding": "5.5.26", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "versionStartIncluding": "5.6.0", "versionEndExcluding": "5.6.10", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.4.42:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.0", "versionEndExcluding": "5.4.42", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://www.sqlite.org/src/info/02e3c88fbf6abdcf3975fb0fb71972b0ab30da30", "name": "https://www.sqlite.org/src/info/02e3c88fbf6abdcf3975fb0fb71972b0ab30da30", "refsource": "CONFIRM", "tags": ["Vendor Advisory"]}, {"url": "http://seclists.org/fulldisclosure/2015/Apr/31", "name": "20150414 several issues in SQLite (+ catching up on several other bugs)", "refsource": "FULLDISC", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"]}, {"url": "http://www.debian.org/security/2015/dsa-3252", "name": "DSA-3252", "refsource": "DEBIAN", "tags": ["Third Party Advisory"]}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:217", "name": "MDVSA-2015:217", "refsource": "MANDRIVA", "tags": ["Broken Link"]}, {"url": "http://www.ubuntu.com/usn/USN-2698-1", "name": "USN-2698-1", "refsource": "UBUNTU", "tags": ["Third Party Advisory"]}, {"url": "https://support.apple.com/HT205267", "name": "https://support.apple.com/HT205267", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "name": "APPLE-SA-2015-09-30-3", "refsource": "APPLE", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html", "name": "APPLE-SA-2015-09-21-1", "refsource": "APPLE", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://support.apple.com/HT205213", "name": "https://support.apple.com/HT205213", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "http://www.securitytracker.com/id/1033703", "name": "1033703", "refsource": "SECTRACK", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://security.gentoo.org/glsa/201507-05", "name": "GLSA-201507-05", "refsource": "GENTOO", "tags": ["Third Party Advisory"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1635.html", "name": "RHSA-2015:1635", "refsource": "REDHAT", "tags": ["Third Party Advisory"]}, {"url": "http://www.securityfocus.com/bid/74228", "name": "74228", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "tags": ["Patch", "Third Party Advisory"]}]}

{"ubuntucve": [{"lastseen": "2022-08-04T14:16:47", "description": "The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows context-dependent\nattackers to cause a denial of service (invalid free operation) or possibly\nhave unspecified other impact via a crafted CHECK clause, as demonstrated\nby CHECK(0&O>O) in a CREATE TABLE statement.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783968>\n", "cvss3": {}, "published": "2015-04-24T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3415", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415"], "modified": "2015-04-24T00:00:00", "id": "UB:CVE-2015-3415", "href": "https://ubuntu.com/security/CVE-2015-3415", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:15:01", "description": "SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows\nattackers to gain privileges via a crafted application, aka internal bug\n20099586.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | all of CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, upgrade to sqlite 3.8.9 in android\n", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "ubuntucve", "title": "CVE-2015-6607", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-6607"], "modified": "2015-10-06T00:00:00", "id": "UB:CVE-2015-6607", "href": "https://ubuntu.com/security/CVE-2015-6607", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-01-06T06:09:40", "description": "The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.", "cvss3": {}, "published": "2015-04-24T17:59:00", "type": "debiancve", "title": "CVE-2015-3415", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415"], "modified": "2015-04-24T17:59:00", "id": "DEBIANCVE:CVE-2015-3415", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3415", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2021-06-08T18:45:13", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2016-06-07T00:00:00", "type": "f5", "title": "SOL37236006 - SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3414"], "modified": "2016-06-07T00:00:00", "id": "SOL37236006", "href": "http://support.f5.com/kb/en-us/solutions/public/k/37/sol37236006.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:24", "description": "\nF5 Product Development has assigned IDs 530250 and 530251 (BIG-IP), ID 530268 (BIG-IQ), ID 530269 (Enterprise Manager), ID 528737 (ARX), and INSTALLER-1609 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| 6.2.0 - 6.4.0*| None| Low| SQLite Strings \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0* \n3.3.2 - 3.5.1*| None| Low| SQLite library \n \n* Although the software of the affected F5 products contain the vulnerable code, the affected F5 products do not use the vulnerable code in a way which exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {}, "published": "2016-06-07T21:49:00", "type": "f5", "title": "SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3414"], "modified": "2017-03-14T19:55:00", "id": "F5:K37236006", "href": "https://support.f5.com/csp/article/K37236006", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nNVD reports:\n\nSQLite before 3.8.9 does not properly implement the\n\t dequoting of collation-sequence names, which allows\n\t context-dependent attackers to cause a denial of service\n\t (uninitialized memory access and application crash) or\n\t possibly have unspecified other impact via a crafted\n\t COLLATE clause, as demonstrated by COLLATE\"\"\"\"\"\"\"\" at the\n\t end of a SELECT statement.\n\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before\n\t 3.8.9 does not properly implement comparison operators,\n\t which allows context-dependent attackers to cause a denial\n\t of service (invalid free operation) or possibly have\n\t unspecified other impact via a crafted CHECK clause, as\n\t demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\t \n\n\nThe sqlite3VXPrintf function in printf.c in SQLite before\n\t 3.8.9 does not properly handle precision and width values\n\t during floating-point conversions, which allows\n\t context-dependent attackers to cause a denial of service\n\t (integer overflow and stack-based buffer overflow) or\n\t possibly have unspecified other impact via large integers\n\t in a crafted printf function call in a SELECT statement.\n\n\n", "cvss3": {}, "published": "2015-04-14T00:00:00", "type": "freebsd", "title": "sqlite -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-05-08T00:00:00", "id": "DEC3164F-3121-45EF-AF18-BB113AC5082F", "href": "https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:08", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3252-1 (sqlite3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3252.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3252-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703252\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_name(\"Debian Security Advisory DSA 3252-1 (sqlite3 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-06 00:00:00 +0200 (Wed, 06 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3252.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"sqlite3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\");\n script_tag(name:\"summary\", value:\"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:07", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3252-1 (sqlite3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703252", "href": "http://plugins.openvas.org/nasl.php?oid=703252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3252.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3252-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703252);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_name(\"Debian Security Advisory DSA 3252-1 (sqlite3 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-06 00:00:00 +0200 (Wed, 06 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3252.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"sqlite3 on Debian Linux\");\n script_tag(name: \"insight\", value: \"SQLite is a C library that implements an SQL database engine.\nPrograms that link with the SQLite library can have SQL database\naccess without running a separate RDBMS process.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\");\n script_tag(name: \"summary\", value: \"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:36", "description": "Oracle Linux Local Security Checks ELSA-2015-1635", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1635", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123027", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123027", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1635.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123027\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:46:49 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1635\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1635 - sqlite security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1635\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1635.html\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Check the version of lemon", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "CentOS Update for lemon CESA-2015:1635 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882248", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lemon CESA-2015:1635 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882248\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:49:45 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for lemon CESA-2015:1635 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of lemon\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"lemon on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1635\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:58:54", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120091", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120091\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:11 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-591)\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414 )It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415 )It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416 )\");\n script_tag(name:\"solution\", value:\"Run yum update sqlite to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:00", "description": "Gentoo Linux Local Security Checks GLSA 201507-05", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201507-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121386", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201507-05.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121386\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:53 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201507-05\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201507-05\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201507-05\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-db/sqlite\", unaffected: make_list(\"ge 3.8.9\"), vulnerable: make_list(\"lt 3.8.9\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "RedHat Update for sqlite RHSA-2015:1635-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for sqlite RHSA-2015:1635-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871431\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:48:59 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for sqlite RHSA-2015:1635-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"sqlite on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1635-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-August/msg00028.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-debuginfo\", rpm:\"sqlite-debuginfo~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "openvas", "title": "Ubuntu Update for sqlite3 USN-2698-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414", "CVE-2013-7443"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842395", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842395", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for sqlite3 USN-2698-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842395\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:21:45 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for sqlite3 USN-2698-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that SQLite incorrectly handled skip-scan optimization.\nAn attacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of\ncollation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS\nand Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison\noperators. An attacker could use this issue to cause applications using\nSQLite to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision\nand width values during floating-point conversions. An attacker could use\nthis issue to cause applications using SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2015-3416)\");\n script_tag(name:\"affected\", value:\"sqlite3 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2698-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2698-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.2-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.7.9-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1425)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2018-8740", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191425", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1425\");\n script_version(\"2020-01-23T11:44:52+0000\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:44:52 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:44:52 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1425)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1425\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1425\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2019-1425 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415)\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414)\n\nA NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~8.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~8.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:58:47", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-561)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120105", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120105\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:32 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-561)\");\n script_tag(name:\"insight\", value:\"Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 ). All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-561.html\");\n script_cve_id(\"CVE-2015-4644\", \"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2014-3416\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:58:40", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-562)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-2325", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643", "CVE-2015-2326"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120108", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120108\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-562)\");\n script_tag(name:\"insight\", value:\"Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326 ). All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-562.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2014-3416\", \"CVE-2015-4644\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:59:59", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-563)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-2325", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643", "CVE-2015-2326"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120107", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120107", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120107\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:36 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-563)\");\n script_tag(name:\"insight\", value:\"Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326 ). All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-563.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2014-3416\", \"CVE-2015-4644\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-03T20:38:23", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-03-30T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities-HT207598 (MAC OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310810725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810725", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities-HT207598 (MACOSX)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810725\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:45:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207598 (MAC OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to the multiple\n issues in SQLite and expat\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207598\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_itunes_detect_macosx.nasl\");\n script_mandatory_keys(\"Apple/iTunes/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.6\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.6\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-03T20:31:03", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-03-30T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2479", "CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2017-2480", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2017-5029", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2017-2463", "CVE-2016-4472", "CVE-2013-7443", "CVE-2017-2383"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310810724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810724\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\", \"CVE-2017-2383\", \"CVE-2017-2463\", \"CVE-2017-2479\",\n \"CVE-2017-2480\", \"CVE-2017-5029\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:37:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A client certificate was sent in plaintext. This issue was addressed\n through improved certificate handling.\n\n - The multiple issues existed in SQLite.\n\n - The multiple issues existed in expat.\n\n - The multiple memory corruption issues were addressed through\n improved memory handling.\n\n - The processing maliciously crafted web content may lead to arbitrary\n code execution.\n\n - The processing maliciously crafted web content may exfiltrate data\n cross-origin.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207599\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.6\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.6\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:45:20", "description": "SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "redhat", "title": "(RHSA-2015:1635) Moderate: sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2018-04-11T23:32:49", "id": "RHSA-2015:1635", "href": "https://access.redhat.com/errata/RHSA-2015:1635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-29T01:03:52", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3252-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 06, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : sqlite3\nCVE ID : CVE-2015-3414 CVE-2015-3415 CVE-2015-3416\n\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-05-06T20:22:58", "type": "debian", "title": "[SECURITY] [DSA 3252-1] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-05-06T20:22:58", "id": "DEBIAN:DSA-3252-1:580AD", "href": "https://lists.debian.org/debian-security-announce/2015/msg00140.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:10:22", "description": "\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "osv", "title": "sqlite3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2022-08-10T07:09:19", "id": "OSV:DSA-3252-1", "href": "https://osv.dev/vulnerability/DSA-3252-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-06-04T20:21:08", "description": "[3.7.17-6.1]\n- Fixes for CVE-2015-3415 CVE-2015-3414 CVE-2015-3416\n Resolves: rhbz#1244731\n[3.7.17-6]\n- Release bump for ppc64le\n[3.7.17-5]\n- Release bump\n[3.7.17-4.1]\n- Backport 64k page fix from latest upstream (#1118151)", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "oraclelinux", "title": "sqlite security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-08-17T00:00:00", "id": "ELSA-2015-1635", "href": "http://linux.oracle.com/errata/ELSA-2015-1635.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:06:59", "description": "### Background\n\nSQLite is a C library that implements an SQL database engine.\n\n### Description\n\nMultiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could possibly cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll SQLite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/sqlite-3.8.9\"", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "gentoo", "title": "SQLite: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-07-07T00:00:00", "id": "GLSA-201507-05", "href": "https://security.gentoo.org/glsa/201507-05", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T19:11:37", "description": "Over 20 errors, including uninitialized memory access.", "edition": 2, "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "securityvulns", "title": "SQLite multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2015-05-05T00:00:00", "id": "SECURITYVULNS:VULN:14389", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14389", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:217\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : sqlite3\r\n Date : April 30, 2015\r\n Affected: Business Server 1.0, Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in sqlite3:\r\n \r\n SQLite before 3.8.9 does not properly implement the dequoting of\r\n collation-sequence names, which allows context-dependent attackers to\r\n cause a denial of service &#40;uninitialized memory access and application\r\n crash&#41; or possibly have unspecified other impact via a crafted COLLATE\r\n clause, as demonstrated by COLLATE at the end of a SELECT statement\r\n &#40;CVE-2015-3414&#41;.\r\n \r\n The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9\r\n does not properly implement comparison operators, which allows\r\n context-dependent attackers to cause a denial of service &#40;invalid\r\n free operation&#41; or possibly have unspecified other impact via a\r\n crafted CHECK clause, as demonstrated by CHECK&#40;0&amp;amp;O&amp;gt;O&#41; in a CREATE\r\n TABLE statement &#40;CVE-2015-3415&#41;.\r\n \r\n The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\r\n not properly handle precision and width values during floating-point\r\n conversions, which allows context-dependent attackers to cause a\r\n denial of service &#40;integer overflow and stack-based buffer overflow&#41;\r\n or possibly have unspecified other impact via large integers in a\r\n crafted printf function call in a SELECT statement &#40;CVE-2015-3416&#41;.\r\n \r\n The updated packages provides a solution for these security issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212353\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212356\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212357\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n adb7e2731d814af7948c8a65662e7c71 mbs1/x86_64/lemon-3.8.9-1.mbs1.x86_64.rpm\r\n 8c9620460c62d0f7d07bd5fee68ac038 mbs1/x86_64/lib64sqlite3_0-3.8.9-1.mbs1.x86_64.rpm\r\n f060fd3ca68302f59e47e9bc1b336d4b mbs1/x86_64/lib64sqlite3-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 0fdd2e8a7456b51773b2a131534b9867 mbs1/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 14682c0d09a3dc73f4405ee136c6115d mbs1/x86_64/sqlite3-tcl-3.8.9-1.mbs1.x86_64.rpm\r\n c2fc81b9162865ecdcef85aaa805507f mbs1/x86_64/sqlite3-tools-3.8.9-1.mbs1.x86_64.rpm \r\n 474e6b9bc6a7299f8ab34a90893bbd96 mbs1/SRPMS/sqlite3-3.8.9-1.mbs1.src.rpm\r\n\r\n Mandriva Business Server 2/X86_64:\r\n 44c4a002a3480388751603981327a21d mbs2/x86_64/lemon-3.8.9-1.mbs2.x86_64.rpm\r\n 9d2ded51447e5f133c37257635ef4f22 mbs2/x86_64/lib64sqlite3_0-3.8.9-1.mbs2.x86_64.rpm\r\n 42c8fce0126487fa0a72b4f5f1b5e852 mbs2/x86_64/lib64sqlite3-devel-3.8.9-1.mbs2.x86_64.rpm\r\n a93c0f348006f6675779bf7cd5c9f547 mbs2/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs2.x86_64.rpm\r\n 792f42a7a38d7947e7b5d0ea67510de2 mbs2/x86_64/sqlite3-tcl-3.8.9-1.mbs2.x86_64.rpm\r\n 947e30fcb8c4f19b1398d6e29adc29ac mbs2/x86_64/sqlite3-tools-3.8.9-1.mbs2.x86_64.rpm \r\n 150cb2acc870d5ca8a343f21edef4248 mbs2/SRPMS/sqlite3-3.8.9-1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFVQdZEmqjQ0CJFipgRAvj9AJ9qeo094/bpIyYh46OHXWO6W26qUACg4mCP\r\nt5Ka/OioHfZ/AmIloxds0/s=\r\n=X45P\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "securityvulns", "title": "[ MDVSA-2015:217 ] sqlite3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2015-05-05T00:00:00", "id": "SECURITYVULNS:DOC:31989", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31989", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:01", "description": "\r\n\r\nAPPLE-SA-2015-09-30-3 OS X El Capitan 10.11\r\n\r\nOS X El Capitan 10.11 is now available and addresses the following:\r\n\r\nAddress Book\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to inject arbitrary code to\r\nprocesses loading the Address Book framework\r\nDescription: An issue existed in Address Book framework&#39;s handling\r\nof an environment variable. This issue was addressed through improved\r\nenvironment variable handling.\r\nCVE-ID\r\nCVE-2015-5897 : Dan Bastone of Gotham Digital Science\r\n\r\nAirScan\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto extract payload from eSCL packets sent over a secure connection\r\nDescription: An issue existed in the processing of eSCL packets.\r\nThis issue was addressed through improved validation checks.\r\nCVE-ID\r\nCVE-2015-5853 : an anonymous researcher\r\n\r\napache_mod_php\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.5.27, including one which may have led to remote code execution.\r\nThis issue was addressed by updating PHP to version 5.5.27.\r\nCVE-ID\r\nCVE-2014-9425\r\nCVE-2014-9427\r\nCVE-2014-9652\r\nCVE-2014-9705\r\nCVE-2014-9709\r\nCVE-2015-0231\r\nCVE-2015-0232\r\nCVE-2015-0235\r\nCVE-2015-0273\r\nCVE-2015-1351\r\nCVE-2015-1352\r\nCVE-2015-2301\r\nCVE-2015-2305\r\nCVE-2015-2331\r\nCVE-2015-2348\r\nCVE-2015-2783\r\nCVE-2015-2787\r\nCVE-2015-3329\r\nCVE-2015-3330\r\n\r\nApple Online Store Kit\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may gain access to a user&#39;s keychain\r\nitems\r\nDescription: An issue existed in validation of access control lists\r\nfor iCloud keychain items. This issue was addressed through improved\r\naccess control list checks.\r\nCVE-ID\r\nCVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of\r\nIndiana University, Tongxin Li of Peking University, Tongxin Li of\r\nPeking University, Xiaolong Bai of Tsinghua University\r\n\r\nAppleEvents\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A user connected through screen sharing can send Apple\r\nEvents to a local user&#39;s session\r\nDescription: An issue existed with Apple Event filtering that\r\nallowed some users to send events to other users. This was addressed\r\nby improved Apple Event handling.\r\nCVE-ID\r\nCVE-2015-5849 : Jack Lawrence &#40;@_jackhl&#41;\r\n\r\nAudio\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. &#40;Adv.:\r\nProf. Taekyoung Kwon&#41;, Yonsei University, Seoul, Korea\r\n\r\nbash\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in bash\r\nDescription: Multiple vulnerabilities existed in bash versions prior\r\nto 3.2 patch level 57. These issues were addressed by updating bash\r\nversion 3.2 to patch level 57.\r\nCVE-ID\r\nCVE-2014-6277\r\nCVE-2014-7186\r\nCVE-2014-7187\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT202858.\r\n\r\nCFNetwork Cookies\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a privileged network position can track a\r\nuser&#39;s activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation.\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork FTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in the handling of FTP packets when\r\nusing the PASV command. This issue was resolved through improved\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A maliciously crafted URL may be able to bypass HSTS and\r\nleak sensitive data\r\nDescription: A URL parsing vulnerability existed in HSTS handling.\r\nThis issue was addressed through improved URL parsing.\r\nCVE-ID\r\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious website may be able to track users in Safari\r\nprivate browsing mode\r\nDescription: An issue existed in the handling of HSTS state in\r\nSafari private browsing mode. This issue was addressed through\r\nimproved state handling.\r\nCVE-ID\r\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\r\n\r\nCFNetwork Proxies\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork SSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork SSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of RC4.\r\nAn attacker could force the use of RC4, even if the server preferred\r\nbetter ciphers, by blocking TLS 1.0 and higher connections until\r\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\r\naddressed by removing the fallback to SSL 3.0.\r\n\r\nCoreCrypto\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil &#40;@day6reak&#41;, Yahoo Pentest Team\r\n\r\nDev Tools\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\nDev Tools\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam\r\n\r\nDisk Images\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\ndyld\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : TaiG Jailbreak Team\r\n\r\nEFI\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application can prevent some systems from\r\nbooting\r\nDescription: An issue existed with the addresses covered by the\r\nprotected range register. This issue was fixed by changing the\r\nprotected range.\r\nCVE-ID\r\nCVE-2015-5900 : Xeno Kovah &amp; Corey Kallenberg from LegbaCore\r\n\r\nEFI\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious Apple Ethernet Thunderbolt adapter may be able\r\nto affect firmware flashing\r\nDescription: Apple Ethernet Thunderbolt adapters could modify the\r\nhost firmware if connected during an EFI update. This issue was\r\naddressed by not loading option ROMs during updates.\r\nCVE-ID\r\nCVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare\r\n\r\nFinder\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The &quot;Secure Empty Trash&quot; feature may not securely delete\r\nfiles placed in the Trash\r\nDescription: An issue existed in guaranteeing secure deletion of\r\nTrash files on some systems, such as those with flash storage. This\r\nissue was addressed by removing the &quot;Secure Empty Trash&quot; option.\r\nCVE-ID\r\nCVE-2015-5901 : Apple\r\n\r\nGame Center\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious Game Center application may be able to access a\r\nplayer&#39;s email address\r\nDescription: An issue existed in Game Center in the handling of a\r\nplayer&#39;s email. This issue was addressed through improved access\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-5855 : Nasser Alnasser\r\n\r\nHeimdal\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to replay Kerberos credentials to\r\nthe SMB server\r\nDescription: An authentication issue existed in Kerberos\r\ncredentials. This issue was addressed through additional validation\r\nof credentials using a list of recently seen credentials.\r\nCVE-ID\r\nCVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu\r\nFan of Microsoft Corporation, China\r\n\r\nICU\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2014-8147\r\nCVE-2015-5922\r\n\r\nInstall Framework Legacy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to gain root privileges\r\nDescription: A restriction issue existed in the Install private\r\nframework containing a privileged executable. This issue was\r\naddressed by removing the executable.\r\nCVE-ID\r\nCVE-2015-5888 : Apple\r\n\r\nIntel Graphics Driver\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Multiple memory corruption issues existed in the Intel\r\nGraphics Driver. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5830 : Yuki MIZUNO &#40;@mzyy94&#41;\r\nCVE-2015-5877 : Camillus Gerard Cai\r\n\r\nIOAudioFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in IOAudioFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed by\r\npermuting kernel pointers.\r\nCVE-ID\r\nCVE-2015-5864 : Luca Todesco\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: Multiple memory corruption issues existed in the\r\nkernel. These issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5871 : Ilja van Sprundel of IOActive\r\nCVE-2015-5872 : Ilja van Sprundel of IOActive\r\nCVE-2015-5873 : Ilja van Sprundel of IOActive\r\nCVE-2015-5890 : Ilja van Sprundel of IOActive\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOGraphics which could have led to\r\nthe disclosure of kernel memory layout. This issue was addressed\r\nthrough improved memory management.\r\nCVE-ID\r\nCVE-2015-5865 : Luca Todesco\r\n\r\nIOHIDFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: Multiple memory corruption issues existed in\r\nIOHIDFamily. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5866 : Apple\r\nCVE-2015-5867 : moony li of Trend Micro\r\n\r\nIOStorageFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: Multiple memory corruption issues existed in the\r\nKernel. These issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through additional\r\nentitlement checks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by\r\nMing-chieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. These issues were addressed through improved\r\ngeneration of stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to launch denial of service attacks\r\non targeted TCP connections without knowing the correct sequence\r\nnumber\r\nDescription: An issue existed in xnu&#39;s validation of TCP packet\r\nheaders. This issue was addressed through improved TCP packet header\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5879 : Jonathan Looney\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in the\r\nhandling of IPv6 router advertisements that allowed an attacker to\r\nset the hop limit to an arbitrary value. This issue was addressed by\r\nenforcing a minimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory layout. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in debugging interfaces that led to\r\nthe disclosure of memory content. This issue was addressed by\r\nsanitizing output from debugging interfaces.\r\nCVE-ID\r\nCVE-2015-5870 : Apple\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A state management issue existed in debugging\r\nfunctionality. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5902 : Sergi Alvarez &#40;pancake&#41; of NowSecure Research Team\r\n\r\nlibc\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\r\nCorporation\r\n\r\nlibpthread\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nlibxpc\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Many SSH connections could cause a denial of service\r\nDescription: launchd had no limit on the number of processes that\r\ncould be started by a network connection. This issue was addressed by\r\nlimiting the number of SSH processes to 40.\r\nCVE-ID\r\nCVE-2015-5881 : Apple\r\n\r\nLogin Window\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The screen lock may not engage after the specified time\r\nperiod\r\nDescription: An issue existed with captured display locking. The\r\nissue was addressed through improved lock handling.\r\nCVE-ID\r\nCVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau\r\ninformationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni\r\nVaahtera, and an anonymous researcher\r\n\r\nlukemftpd\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A remote attacker may be able to deny service to the FTP\r\nserver\r\nDescription: A glob-processing issue existed in tnftpd. This issue\r\nwas addressed through improved glob validation.\r\nCVE-ID\r\nCVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com\r\n\r\nMail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Printing an email may leak sensitive user information\r\nDescription: An issue existed in Mail which bypassed user\r\npreferences when printing an email. This issue was addressed through\r\nimproved user preference enforcement.\r\nCVE-ID\r\nCVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya,\r\nDennis Klein from Eschenburg, Germany, Jeff Hammett of Systim\r\nTechnology Partners\r\n\r\nMail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nintercept attachments of S/MIME-encrypted e-mail sent via Mail Drop\r\nDescription: An issue existed in handling encryption parameters for\r\nlarge email attachments sent via Mail Drop. The issue is addressed by\r\nno longer offering Mail Drop when sending an encrypted e-mail.\r\nCVE-ID\r\nCVE-2015-5884 : John McCombs of Integrated Mapping Ltd\r\n\r\nMultipeer Connectivity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to observe unprotected\r\nmultipeer data\r\nDescription: An issue existed in convenience initializer handling in\r\nwhich encryption could be actively downgraded to a non-encrypted\r\nsession. This issue was addressed by changing the convenience\r\ninitializer to require encryption.\r\nCVE-ID\r\nCVE-2015-5851 : Alban Diquet &#40;@nabla_c0d3&#41; of Data Theorem\r\n\r\nNetworkExtension\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An uninitialized memory issue in the kernel led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved memory initialization.\r\nCVE-ID\r\nCVE-2015-5831 : Maxime Villard of m00nbsd\r\n\r\nNotes\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to leak sensitive user information\r\nDescription: An issue existed in parsing links in the Notes\r\napplication. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher\r\n\r\nNotes\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to leak sensitive user information\r\nDescription: A cross-site scripting issue existed in parsing text by\r\nthe Notes application. This issue was addressed through improved\r\ninput validation.\r\nCVE-ID\r\nCVE-2015-5875 : xisigr of Tencent&#39;s Xuanwu LAB &#40;www.tencent.com&#41;\r\n\r\nOpenSSH\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in OpenSSH\r\nDescription: Multiple vulnerabilities existed in OpenSSH versions\r\nprior to 6.9. These issues were addressed by updating OpenSSH to\r\nversion 6.9.\r\nCVE-ID\r\nCVE-2014-2532\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-0286\r\nCVE-2015-0287\r\n\r\nprocmail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in procmail\r\nDescription: Multiple vulnerabilities existed in procmail versions\r\nprior to 3.22. These issues were addressed by removing procmail.\r\nCVE-ID\r\nCVE-2014-3618\r\n\r\nremote_cmds\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with root\r\nprivileges\r\nDescription: An issue existed in the usage of environment variables\r\nby the rsh binary. This issue was addressed by dropping setuid\r\nprivileges from the rsh binary.\r\nCVE-ID\r\nCVE-2015-5889 : Philip Pettersson\r\n\r\nremovefile\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nRuby\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in Ruby\r\nDescription: Multiple vulnerabilities existed in Ruby versions prior\r\nto 2.0.0p645. These were addressed by updating Ruby to version\r\n2.0.0p645.\r\nCVE-ID\r\nCVE-2014-8080\r\nCVE-2014-8090\r\nCVE-2015-1855\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The lock state of the keychain may be incorrectly displayed\r\nto the user\r\nDescription: A state management issue existed in the way keychain\r\nlock status was tracked. This issue was addressed through improved\r\nstate management.\r\nCVE-ID\r\nCVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron,\r\nEric E. Lawrence, Apple\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A trust evaluation configured to require revocation checking\r\nmay succeed even if revocation checking fails\r\nDescription: The kSecRevocationRequirePositiveResponse flag was\r\nspecified but not implemented. This issue was addressed by\r\nimplementing the flag.\r\nCVE-ID\r\nCVE-2015-5894 : Hannes Oud of kWallet GmbH\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A remote server may prompt for a certificate before\r\nidentifying itself\r\nDescription: Secure Transport accepted the CertificateRequest\r\nmessage before the ServerKeyExchange message. This issue was\r\naddressed by requiring the ServerKeyExchange first.\r\nCVE-ID\r\nCVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\r\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\r\nINRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of\r\nMicrosoft Research, Pierre-Yves Strub of IMDEA Software Institute\r\n\r\nSMB\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5891 : Ilja van Sprundel of IOActive\r\n\r\nSMB\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in SMBClient that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-5893 : Ilja van Sprundel of IOActive\r\n\r\nSQLite\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-3414\r\nCVE-2015-3415\r\nCVE-2015-3416\r\n\r\nTelephony\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker can place phone calls without the user&#39;s\r\nknowledge when using Continuity\r\nDescription: An issue existed in the authorization checks for\r\nplacing phone calls. This issue was addressed through improved\r\nauthorization checks.\r\nCVE-ID\r\nCVE-2015-3785 : Dan Bastone of Gotham Digital Science\r\n\r\nTerminal\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Maliciously crafted text could mislead the user in Terminal\r\nDescription: Terminal did not handle bidirectional override\r\ncharacters in the same way when displaying text and when selecting\r\ntext. This issue was addressed by suppressing bidirectional override\r\ncharacters in Terminal.\r\nCVE-ID\r\nCVE-2015-5883 : an anonymous researcher\r\n\r\ntidy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in tidy.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\nTime Machine\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may gain access to keychain items\r\nDescription: An issue existed in backups by the Time Machine\r\nframework. This issue was addressed through improved coverage of Time\r\nMachine backups.\r\nCVE-ID\r\nCVE-2015-5854 : Jonas Magazinius of Assured AB\r\n\r\nNote: OS X El Capitan 10.11 includes the security content of\r\nSafari 9: https://support.apple.com/kb/HT205265.\r\n\r\nOS X El Capitan 10.11 may be obtained from the Mac App Store:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-05T00:00:00", "type": "securityvulns", "title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-5883", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-5903", "CVE-2015-0235", "CVE-2015-2783", "CVE-2015-5877", "CVE-2015-3785", "CVE-2015-5847", "CVE-2014-9427", "CVE-2015-3329", "CVE-2015-3415", "CVE-2015-3330", "CVE-2015-5922", "CVE-2015-5865", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5888", "CVE-2015-5874", "CVE-2015-5860", "CVE-2015-1855", "CVE-2014-3618", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-5868", "CVE-2015-5872", "CVE-2015-5839", "CVE-2015-5840", "CVE-2014-6277", "CVE-2014-9425", "CVE-2014-9709", "CVE-2015-2305", "CVE-2015-5873", "CVE-2015-0273", "CVE-2015-5875", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5912", "CVE-2015-2331", "CVE-2015-5870", "CVE-2015-5913", "CVE-2015-5841", "CVE-2015-5894", "CVE-2015-5881", "CVE-2014-2532", "CVE-2015-5831", "CVE-2014-8147", "CVE-2015-5878", "CVE-2015-5855", "CVE-2014-8611", "CVE-2015-5871", "CVE-2015-5866", "CVE-2015-5901", "CVE-2014-8090", "CVE-2015-5824", "CVE-2015-5884", "CVE-2015-3416", "CVE-2015-5889", "CVE-2015-5867", "CVE-2015-5836", "CVE-2015-5915", "CVE-2015-5900", "CVE-2015-5890", "CVE-2014-7187", "CVE-2014-8146", "CVE-2015-5854", "CVE-2015-3414", "CVE-2014-9652", "CVE-2015-5523", "CVE-2015-5885", "CVE-2013-3951", "CVE-2015-5893", "CVE-2015-5917", "CVE-2014-8080", "CVE-2015-1351", "CVE-2015-5887", "CVE-2015-5902", "CVE-2015-0287", "CVE-2015-5853", "CVE-2015-5897", "CVE-2015-5830", "CVE-2015-5849", "CVE-2015-5896", "CVE-2015-5833", "CVE-2015-5863", "CVE-2015-0231", "CVE-2015-5864", "CVE-2014-7186", "CVE-2015-5891", "CVE-2015-5914", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32522", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32522", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:07", "description": "Code execution, information disclosure, restrictions bypass, multiple memory corruptions, multiple libraries vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2015-10-25T00:00:00", "type": "securityvulns", "title": "Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-5883", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-5903", "CVE-2015-6976", "CVE-2015-7007", "CVE-2015-0235", "CVE-2015-2783", "CVE-2015-5877", "CVE-2015-5927", "CVE-2015-3785", "CVE-2015-5847", "CVE-2014-9427", "CVE-2015-3329", "CVE-2015-6975", "CVE-2015-3415", "CVE-2015-7035", "CVE-2015-3330", "CVE-2015-6987", "CVE-2015-5922", "CVE-2015-5865", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-7003", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5924", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5888", "CVE-2015-6983", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-6834", "CVE-2015-6991", "CVE-2015-5860", "CVE-2015-1855", "CVE-2015-7020", "CVE-2014-3618", "CVE-2015-6994", "CVE-2015-1352", "CVE-2015-7016", "CVE-2015-6992", "CVE-2015-2301", "CVE-2015-7021", "CVE-2015-6977", "CVE-2015-5868", "CVE-2014-3565", "CVE-2015-5872", "CVE-2015-5839", "CVE-2015-5840", "CVE-2014-6277", "CVE-2014-9425", "CVE-2014-9709", "CVE-2015-2305", "CVE-2012-6151", "CVE-2015-5934", "CVE-2015-5873", "CVE-2015-5940", "CVE-2015-5932", "CVE-2015-0273", "CVE-2015-5875", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5912", "CVE-2015-6985", "CVE-2015-2331", "CVE-2015-5870", "CVE-2015-5935", "CVE-2015-5722", "CVE-2015-7010", "CVE-2015-5945", "CVE-2015-6984", "CVE-2015-7008", "CVE-2015-5841", "CVE-2015-5894", "CVE-2015-5881", "CVE-2014-2532", "CVE-2015-5831", "CVE-2014-8147", "CVE-2015-5937", "CVE-2015-5878", "CVE-2015-5855", "CVE-2015-7023", "CVE-2014-8611", "CVE-2015-6993", "CVE-2015-5871", "CVE-2015-5866", "CVE-2015-5901", "CVE-2014-8090", "CVE-2015-6836", "CVE-2015-5884", "CVE-2015-3416", "CVE-2015-5936", "CVE-2015-5889", "CVE-2015-5867", "CVE-2015-5836", "CVE-2015-6989", "CVE-2015-5915", "CVE-2015-5900", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-5890", "CVE-2014-7187", "CVE-2014-8146", "CVE-2015-5854", "CVE-2015-6990", "CVE-2015-3414", "CVE-2015-7009", "CVE-2014-9652", "CVE-2015-7031", "CVE-2015-6988", "CVE-2015-5523", "CVE-2015-5986", "CVE-2015-5943", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-6837", "CVE-2013-3951", "CVE-2015-6563", "CVE-2015-5944", "CVE-2015-5893", "CVE-2015-5917", "CVE-2014-8080", "CVE-2015-1351", "CVE-2015-5524", "CVE-2015-5887", "CVE-2015-5902", "CVE-2015-5925", "CVE-2015-5938", "CVE-2015-0287", "CVE-2015-6974", "CVE-2015-5853", "CVE-2015-6835", "CVE-2015-5897", "CVE-2015-5830", "CVE-2015-5849", "CVE-2015-5896", "CVE-2015-5833", "CVE-2015-5863", "CVE-2015-0231", "CVE-2015-5864", "CVE-2014-7186", "CVE-2015-5891", "CVE-2015-7019", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5914", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-6838", "CVE-2015-5933"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14702", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2022-11-01T21:21:21", "description": "**Issue Overview:**\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416)\n\n \n**Affected Packages:** \n\n\nsqlite\n\n \n**Issue Correction:** \nRun _yum update sqlite_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 sqlite-tcl-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-devel-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 lemon-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-debuginfo-3.7.17-6.13.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 sqlite-doc-3.7.17-6.13.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-devel-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 lemon-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-tcl-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-debuginfo-3.7.17-6.13.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-3416](<https://access.redhat.com/security/cve/CVE-2015-3416>)\n\nMitre: [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416>)\n", "cvss3": {}, "published": "2015-09-02T12:00:00", "type": "amazon", "title": "Medium: sqlite", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-09-02T12:00:00", "id": "ALAS-2015-591", "href": "https://alas.aws.amazon.com/ALAS-2015-591.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-01T21:22:55", "description": "**Issue Overview:**\n\nUpstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4 users are encouraged to upgrade to this version. Please see the &lt;a href=\"http://php.net/ChangeLog-5.php#5.4.42\"&gt;upstream release notes&lt;/a&gt; for full details.\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php54-mssql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-devel-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xml-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-imap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-tidy-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-dba-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-common-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-intl-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-soap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-fpm-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-recode-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-process-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-gd-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-cli-5.4.42-1.71.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php54-tidy-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-gd-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-process-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-devel-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xml-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-recode-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-imap-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-cli-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-intl-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-fpm-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mssql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-dba-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-common-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-soap-5.4.42-1.71.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:39:00", "type": "amazon", "title": "Medium: php54", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:41:00", "id": "ALAS-2015-561", "href": "https://alas.aws.amazon.com/ALAS-2015-561.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-01T21:22:51", "description": "**Issue Overview:**\n\nUpstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users are encouraged to upgrade to this version. Please see the &lt;a href=\"http://php.net/ChangeLog-5.php#5.6.10\"&gt;upstream release notes&lt;/a&gt; for full details.\n\n \n**Affected Packages:** \n\n\nphp56\n\n \n**Issue Correction:** \nRun _yum update php56_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php56-intl-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-enchant-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-snmp-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-fpm-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pgsql-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mssql-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-dba-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-odbc-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mysqlnd-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mbstring-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-tidy-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pdo-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-gd-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pspell-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-recode-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-opcache-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-embedded-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-dbg-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-gmp-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-debuginfo-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-common-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-ldap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-bcmath-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-soap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-devel-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mcrypt-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-imap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-xml-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-cli-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-process-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-xmlrpc-5.6.10-1.115.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php56-common-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-dba-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mbstring-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-enchant-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-debuginfo-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-devel-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-process-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-odbc-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-xml-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-bcmath-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-imap-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-embedded-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-dbg-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pgsql-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-ldap-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-xmlrpc-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mysqlnd-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-recode-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-gmp-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-intl-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mcrypt-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mssql-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-snmp-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pspell-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-cli-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-fpm-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-gd-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pdo-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-tidy-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-opcache-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-soap-5.6.10-1.115.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-2325](<https://access.redhat.com/security/cve/CVE-2015-2325>), [CVE-2015-2326](<https://access.redhat.com/security/cve/CVE-2015-2326>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-2325](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325>), [CVE-2015-2326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:40:00", "type": "amazon", "title": "Medium: php56", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:39:00", "id": "ALAS-2015-563", "href": "https://alas.aws.amazon.com/ALAS-2015-563.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-01T21:22:53", "description": "**Issue Overview:**\n\nUpstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users are encouraged to upgrade to this version. Please see the &lt;a href=\"http://php.net/ChangeLog-5.php#5.5.26\"&gt;upstream release notes&lt;/a&gt; for full details.\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php55-cli-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-dba-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-common-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xml-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-recode-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-intl-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-devel-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gd-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-soap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-imap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pdo-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-process-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pspell-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.26-1.103.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php55-pspell-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-imap-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-cli-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gd-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-process-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-devel-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-common-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xml-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-recode-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pdo-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-intl-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-dba-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-soap-5.5.26-1.103.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-2325](<https://access.redhat.com/security/cve/CVE-2015-2325>), [CVE-2015-2326](<https://access.redhat.com/security/cve/CVE-2015-2326>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-2325](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325>), [CVE-2015-2326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:40:00", "type": "amazon", "title": "Medium: php55", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:40:00", "id": "ALAS-2015-562", "href": "https://alas.aws.amazon.com/ALAS-2015-562.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2023-01-01T04:43:29", "description": "**CentOS Errata and Security Advisory** CESA-2015:1635\n\n\nSQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-August/070812.html\n\n**Affected packages:**\nlemon\nsqlite\nsqlite-devel\nsqlite-doc\nsqlite-tcl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1635", "cvss3": {}, "published": "2015-08-17T16:54:44", "type": "centos", "title": "lemon, sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-08-17T16:54:44", "id": "CESA-2015:1635", "href": "https://lists.centos.org/pipermail/centos-announce/2015-August/070812.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:25:15", "description": "### *Detect date*:\n04/24/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple integer and buffer overflows were found in SQLite. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impact. These vulnerabilities can be exploited remotely via a specially designed input.\n\n### *Affected products*:\nSQLite versions earlier than 3.8.9\n\n### *Solution*:\nUpdate to the latest version \n[Get SQLite](<http://www.sqlite.org/download.html>)\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[SQLite](<https://threats.kaspersky.com/en/product/SQLite/>)\n\n### *CVE-IDS*:\n[CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>)7.5Critical \n[CVE-2015-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416>)7.5Critical \n[CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>)7.5Critical", "cvss3": {}, "published": "2015-04-24T00:00:00", "type": "kaspersky", "title": "KLA10565 Denial of service vulnerabilities in SQLite", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2020-06-03T00:00:00", "id": "KLA10565", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10565/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-27T14:19:19", "description": "From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : sqlite (ELSA-2015-1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:lemon", "p-cpe:/a:oracle:linux:sqlite", "p-cpe:/a:oracle:linux:sqlite-devel", "p-cpe:/a:oracle:linux:sqlite-doc", "p-cpe:/a:oracle:linux:sqlite-tcl", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85491", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# Oracle Linux Security Advisory ELSA-2015-1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85491);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"Oracle Linux 7 : sqlite (ELSA-2015-1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-August/005344.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:29", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "RHEL 7 : sqlite (RHSA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:lemon", "p-cpe:/a:redhat:enterprise_linux:sqlite", "p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo", "p-cpe:/a:redhat:enterprise_linux:sqlite-devel", "p-cpe:/a:redhat:enterprise_linux:sqlite-doc", "p-cpe:/a:redhat:enterprise_linux:sqlite-tcl", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85496);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"RHEL 7 : sqlite (RHSA-2015:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3414\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1635\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:30", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:lemon", "p-cpe:/a:fermilab:scientific_linux:sqlite", "p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo", "p-cpe:/a:fermilab:scientific_linux:sqlite-devel", "p-cpe:/a:fermilab:scientific_linux:sqlite-doc", "p-cpe:/a:fermilab:scientific_linux:sqlite-tcl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150817_SQLITE_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85502);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=15216\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?212022ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:07", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "CentOS 7 : sqlite (CESA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:lemon", "p-cpe:/a:centos:centos:sqlite", "p-cpe:/a:centos:centos:sqlite-devel", "p-cpe:/a:centos:centos:sqlite-doc", "p-cpe:/a:centos:centos:sqlite-tcl", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# CentOS Errata and Security Advisory 2015:1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85463);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"CentOS 7 : sqlite (CESA-2015:1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df1770c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3414\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:17:23", "description": "The remote host is affected by the vulnerability described in GLSA-201507-05 (SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could possibly cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "GLSA-201507-05 : SQLite: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sqlite", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-05.NASL", "href": "https://www.tenable.com/plugins/nessus/84604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84604);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"GLSA\", value:\"201507-05\");\n\n script_name(english:\"GLSA-201507-05 : SQLite: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-05\n(SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly cause a Denial of Service\n condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SQLite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/sqlite-3.8.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/sqlite\", unaffected:make_list(\"ge 3.8.9\"), vulnerable:make_list(\"lt 3.8.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SQLite\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:43", "description": "NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE'''''''' at the end of a SELECT statement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:sqlite3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "href": "https://www.tenable.com/plugins/nessus/82893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82893);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE'''''''' at the end of a SELECT\nstatement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE\nstatement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/eddc05e7bb31fae7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/02e3c88fbf6abdcf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/c494171f77dc2e5e\"\n );\n # http://seclists.org/fulldisclosure/2015/Apr/31\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/fulldisclosure/2015/Apr/31\"\n );\n # https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?972e9809\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"sqlite3<3.8.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:15:48", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-07T00:00:00", "type": "nessus", "title": "Debian DSA-3252-1 : sqlite3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:sqlite3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3252.NASL", "href": "https://www.tenable.com/plugins/nessus/83273", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3252. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83273);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"DSA\", value:\"3252\");\n\n script_name(english:\"Debian DSA-3252-1 : sqlite3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/sqlite3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3252\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the sqlite3 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.8.7.1-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"lemon\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0-dbg\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-dev\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-tcl\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3-doc\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:28", "description": "Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement (CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE statement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lemon", "p-cpe:/a:mandriva:linux:lib64sqlite3-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3_0", "p-cpe:/a:mandriva:linux:sqlite3-tcl", "p-cpe:/a:mandriva:linux:sqlite3-tools", "cpe:/o:mandriva:business_server:1", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-217.NASL", "href": "https://www.tenable.com/plugins/nessus/83169", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:217. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83169);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"MDVSA\", value:\"2015:217\");\n\n script_name(english:\"Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE at the end of a SELECT statement\n(CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE\nstatement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212357\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs1\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:20:02", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-09-03T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : sqlite (ALAS-2015-591)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:lemon", "p-cpe:/a:amazon:linux:sqlite", "p-cpe:/a:amazon:linux:sqlite-debuginfo", "p-cpe:/a:amazon:linux:sqlite-devel", "p-cpe:/a:amazon:linux:sqlite-doc", "p-cpe:/a:amazon:linux:sqlite-tcl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-591.NASL", "href": "https://www.tenable.com/plugins/nessus/85749", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-591.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85749);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"ALAS\", value:\"2015-591\");\n\n script_name(english:\"Amazon Linux AMI : sqlite (ALAS-2015-591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update sqlite' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"lemon-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-debuginfo-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-devel-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-doc-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-tcl-3.7.17-6.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-23T02:29:28", "description": "According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415)\n\n - A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414)\n\n - A NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740)\n\n - It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2018-8740"], "modified": "2021-02-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "p-cpe:/a:huawei:euleros:sqlite-devel", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1425.NASL", "href": "https://www.tenable.com/plugins/nessus/124928", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124928);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2018-8740\"\n );\n script_bugtraq_id(\n 74228\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the sqlite packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - It was found that SQLite's sqlite3VdbeExec() function\n did not properly implement comparison operators. A\n local attacker could submit a specially crafted CHECK\n statement that would crash the SQLite process, or have\n other unspecified impacts.(CVE-2015-3415)\n\n - A flaw was found in the way SQLite handled dequoting of\n collation-sequence names. A local attacker could submit\n a specially crafted COLLATE statement that would crash\n the SQLite process, or have other unspecified\n impacts.(CVE-2015-3414)\n\n - A NULL pointer dereference vulnerability was found in\n SQLite. Loading a database whose schema was corrupted\n using a CREATE TABLE AS statement would result in a\n SQLite crash.(CVE-2018-8740)\n\n - It was found that SQLite's sqlite3VXPrintf() function\n did not properly handle precision and width values\n during floating-point conversions. A local attacker\n could submit a specially crafted SELECT statement that\n would crash the SQLite process, or have other\n unspecified impacts.(CVE-2015-3416)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1425\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d8337062\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-8.h2.eulerosv2r7\",\n \"sqlite-devel-3.7.17-8.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:18:24", "description": "It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison operators. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision and width values during floating-point conversions. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7443", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2698-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85156", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2698-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85156);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"USN\", value:\"2698-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that SQLite incorrectly handled skip-scan\noptimization. An attacker could use this issue to cause applications\nusing SQLite to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting\nof collation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented\ncomparison operators. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf\nprecision and width values during floating-point conversions. An\nattacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2698-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsqlite3-0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.7.9-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.2-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.7.4-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsqlite3-0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:17:24", "description": "Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416). All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2015-561)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php54", "p-cpe:/a:amazon:linux:php54-bcmath", "p-cpe:/a:amazon:linux:php54-cli", "p-cpe:/a:amazon:linux:php54-common", "p-cpe:/a:amazon:linux:php54-dba", "p-cpe:/a:amazon:linux:php54-debuginfo", "p-cpe:/a:amazon:linux:php54-devel", "p-cpe:/a:amazon:linux:php54-embedded", "p-cpe:/a:amazon:linux:php54-enchant", "p-cpe:/a:amazon:linux:php54-fpm", "p-cpe:/a:amazon:linux:php54-gd", "p-cpe:/a:amazon:linux:php54-imap", "p-cpe:/a:amazon:linux:php54-intl", "p-cpe:/a:amazon:linux:php54-ldap", "p-cpe:/a:amazon:linux:php54-mbstring", "p-cpe:/a:amazon:linux:php54-mcrypt", "p-cpe:/a:amazon:linux:php54-mssql", "p-cpe:/a:amazon:linux:php54-mysql", "p-cpe:/a:amazon:linux:php54-mysqlnd", "p-cpe:/a:amazon:linux:php54-odbc", "p-cpe:/a:amazon:linux:php54-pdo", "p-cpe:/a:amazon:linux:php54-pgsql", "p-cpe:/a:amazon:linux:php54-process", "p-cpe:/a:amazon:linux:php54-pspell", "p-cpe:/a:amazon:linux:php54-recode", "p-cpe:/a:amazon:linux:php54-snmp", "p-cpe:/a:amazon:linux:php54-soap", "p-cpe:/a:amazon:linux:php54-tidy", "p-cpe:/a:amazon:linux:php54-xml", "p-cpe:/a:amazon:linux:php54-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-561.NASL", "href": "https://www.tenable.com/plugins/nessus/84623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-561.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84623);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-561\");\n\n script_name(english:\"Amazon Linux AMI : php54 (ALAS-2015-561)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that six security-related issues in PHP were fixed in\nthis release, as well as several security issues in bundled sqlite\nlibrary (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416). All PHP 5.4\nusers are encouraged to upgrade to this version. Please see the\nupstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.4.42\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-561.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php54' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php54-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-bcmath-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-cli-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-common-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-dba-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-debuginfo-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-devel-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-embedded-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-enchant-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-fpm-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-gd-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-imap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-intl-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-ldap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mbstring-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mcrypt-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mssql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysqlnd-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-odbc-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pdo-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pgsql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-process-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pspell-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-recode-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-snmp-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-soap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-tidy-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xml-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xmlrpc-5.4.42-1.71.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php54 / php54-bcmath / php54-cli / php54-common / php54-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:19", "description": "Versions of PHP 5.5.x prior to 5.5.26, or 5.6.x prior to 5.6.10 are exposed to the following vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the 'compile_branch()' and 'pcre_compile2()' functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414)\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the 'sqlite3VdbeExec()' function in 'vdbe.c'. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the 'sqlite3VXPrintf()' function in 'printf.c'. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions. (CVE-2015-4598)\n - An arbitrary command injection vulnerability exists due to a flaw in the 'php_escape_shell_arg()' function in 'exec.c'. A remote attacker can exploit this, via the 'escapeshellarg()' PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n - A heap buffer overflow condition exists in the 'ftp_genlist()' function in 'ftp.c'. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643)\n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the 'build_tablename()' function in 'pgsql.c'. An authenticated, remote attacker can exploit this to cause an application crash. (CVE-2015-4644)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-18T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.26 / 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8787.PRM", "href": "https://www.tenable.com/plugins/nnm/8787", "sourceData": "Binary data 8787.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:22", "description": "According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\\\0' character with a safe file extension, to bypass access restrictions. (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash. (CVE-2015-4644)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98802", "href": "https://www.tenable.com/plugins/was/98802", "sourceData": "No source data", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:38:08", "description": "According to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.26. It is, therefore, affected by multiple vulnerabilities : \n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_26.NASL", "href": "https://www.tenable.com/plugins/nessus/84363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84363);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.5.x < 5.5.26 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x running on the\nremote web server is prior to 5.5.26. It is, therefore, affected by\nmultiple vulnerabilities : \n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.26 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|2[0-5])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.5.26' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:16:48", "description": "According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_10.NASL", "href": "https://www.tenable.com/plugins/nessus/84364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84364);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.6.x < 5.6.10 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x running on the\nremote web server is prior to 5.6.10. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[0-9]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.6.10' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:16:58", "description": "According to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.42. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.42 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_42.NASL", "href": "https://www.tenable.com/plugins/nessus/84362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84362);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.4.x < 5.4.42 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x running on the\nremote web server is prior to 5.4.42. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.4.42\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.42 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[1-3][0-9]|4[01])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.4.42' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:18:24", "description": "Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2015-562)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-bcmath", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-mysqlnd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-562.NASL", "href": "https://www.tenable.com/plugins/nessus/84624", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-562.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84624);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-562\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2015-562)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that several bugs have been fixed as well as several\nsecurity issues into some bundled libraries (CVE-2015-3414 ,\nCVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All\nPHP 5.5 users are encouraged to upgrade to this version. Please see\nthe upstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.26\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-562.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.26-1.103.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:18:13", "description": "Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php56 (ALAS-2015-563)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-563.NASL", "href": "https://www.tenable.com/plugins/nessus/84625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-563.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84625);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-563\");\n\n script_name(english:\"Amazon Linux AMI : php56 (ALAS-2015-563)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that several bugs have been fixed as well as several\nsecurity issues into some bundled libraries (CVE-2015-3414 ,\nCVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All\nPHP 5.6 users are encouraged to upgrade to this version. Please see\nthe upstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.6.10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-563.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.10-1.115.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:17:39", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-20T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3152", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-198-02.NASL", "href": "https://www.tenable.com/plugins/nessus/84830", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-198-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84830);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3152\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_bugtraq_id(74228, 75174, 75175, 75290, 75291, 75292);\n script_xref(name:\"SSA\", value:\"2015-198-02\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 14.0, 14.1, and -current\nto fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.420251\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72457f25\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/17\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.6.11\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.11\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:24:53", "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "MACOS_ITUNES_12_6.NASL", "href": "https://www.tenable.com/plugins/nessus/100027", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:52:33", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-20T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsqlite3-0", "p-cpe:/a:novell:opensuse:libsqlite3-0-32bit", "p-cpe:/a:novell:opensuse:sqlite3", "p-cpe:/a:novell:opensuse:sqlite3-devel", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1058.NASL", "href": "https://www.tenable.com/plugins/nessus/151816", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1058-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151816);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1058-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SB6Z44NRR3L5O3VXGRWAB7XUKDS4TMFZ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7bcf13b2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'libsqlite3-0-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsqlite3-0-32bit-3.36.0-lp152.4.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-devel-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:56", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsqlite3-0", "p-cpe:/a:novell:opensuse:libsqlite3-0-32bit", "p-cpe:/a:novell:opensuse:sqlite3", "p-cpe:/a:novell:opensuse:sqlite3-devel", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-2320.NASL", "href": "https://www.tenable.com/plugins/nessus/151748", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:2320-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151748);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JD4EZ74IZ57MKTDKDVIUAIG6VCAEKMD5/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?405d0bcc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:41", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-15T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2320-1.NASL", "href": "https://www.tenable.com/plugins/nessus/151654", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2320-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151654);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2320-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009137.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fe5c1d1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'sqlite3-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:09:03", "description": "According to its self-reported version number, the remote pfSense install is prior to 2.2.3. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-31T00:00:00", "type": "nessus", "title": "pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4000", "CVE-2015-4029", "CVE-2015-4171", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644", "CVE-2015-6508", "CVE-2015-6509", "CVE-2015-6510", "CVE-2015-6511"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:pfsense:pfsense", "cpe:/a:bsdperimeter:pfsense"], "id": "PFSENSE_SA-15_06.NASL", "href": "https://www.tenable.com/plugins/nessus/106495", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106495);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4000\",\n \"CVE-2015-4029\",\n \"CVE-2015-4171\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\",\n \"CVE-2015-6508\",\n \"CVE-2015-6509\",\n \"CVE-2015-6510\",\n \"CVE-2015-6511\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n script_xref(name:\"FreeBSD\", value:\"SA-15:10.openssl\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote firewall host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote pfSense\ninstall is prior to 2.2.3. It is, therefore, affected by multiple\nvulnerabilities as stated in the referenced vendor advisories.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.pfsense.org/index.php/2.2.3_New_Features_and_Changes\");\n # https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?61bea99f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to pfSense version 2.2.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:pfsense:pfsense\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:bsdperimeter:pfsense\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"pfsense_detect.nbin\");\n script_require_keys(\"Host/pfSense\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nif (!get_kb_item(\"Host/pfSense\")) audit(AUDIT_HOST_NOT, \"pfSense\");\n\napp_info = vcf::pfsense::get_app_info();\nconstraints = [\n { \"fixed_version\" : \"2.2.3\" }\n];\n\nvcf::pfsense::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n flags:{xss:TRUE}\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:24:51", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153", "CVE-2017-2383", "CVE-2017-2463", "CVE-2017-2479", "CVE-2017-2480", "CVE-2017-2493", "CVE-2017-5029"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_6.NASL", "href": "https://www.tenable.com/plugins/nessus/100025", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100025);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, flags:{xss:TRUE});\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:24:52", "description": "The version of Apple iTunes running on the remote host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153", "CVE-2017-2383", "CVE-2017-2463", "CVE-2017-2479", "CVE-2017-2480", "CVE-2017-2493", "CVE-2017-5029"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_6_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/100026", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100026);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_OS_NOT, \"Windows or Mac OS\");\n\nfixed_version = \"12.6\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE, xss:TRUE);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:55:58", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3215-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.\n (CVE-2016-6153)\n\n - The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over- read or possibly unspecified other impact. (CVE-2017-10989)\n\n - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the SQLite component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. (CVE-2017-2518)\n\n - SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. (CVE-2018-20346)\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. (CVE-2018-8740)\n\n - In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a severe division by zero in the query planner. (CVE-2019-16168)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. (CVE-2019-8457)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-24T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2021:3215-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2016-6153", "CVE-2017-10989", "CVE-2017-2518", "CVE-2018-20346", "CVE-2018-8740", "CVE-2019-16168", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2019-8457", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3215-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153643", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3215-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153643);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2016-6153\",\n \"CVE-2017-2518\",\n \"CVE-2017-10989\",\n \"CVE-2018-8740\",\n \"CVE-2018-20346\",\n \"CVE-2019-8457\",\n \"CVE-2019-16168\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3215-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2021:3215-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:3215-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which\n might allow local users to obtain sensitive information, cause a denial of service (application crash), or\n have unspecified other impact by leveraging use of the current working directory for temporary files.\n (CVE-2016-6153)\n\n - The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other\n products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-\n read or possibly unspecified other impact. (CVE-2017-10989)\n\n - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is\n affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the\n SQLite component. It allows remote attackers to execute arbitrary code or cause a denial of service\n (buffer overflow and application crash) via a crafted SQL statement. (CVE-2017-2518)\n\n - SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant\n buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote\n attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in\n certain WebSQL use cases), aka Magellan. (CVE-2018-20346)\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could\n cause a NULL pointer dereference, related to build.c and prepare.c. (CVE-2018-8740)\n\n - In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application\n because of missing validation of a sqlite_stat1 sz field, aka a severe division by zero in the query\n planner. (CVE-2019-16168)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode()\n function when handling invalid rtree tables. (CVE-2019-8457)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-September/009509.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b948800c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-6153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-10989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-2518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:02:21", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11 and is affected by multiple vulnerabilities in the following components : \n\n - Address Book \n - AirScan \n - apache_mod_php \n - Apple Online Store Kit \n - AppleEvents \n - Audio \n - bash \n - Certificate Trust Policy \n - CFNetwork Cookies - CFNetwork FTPProtocol \n - CFNetwork HTTPProtocol \n - CFNetwork Proxies \n - CFNetwork SSL \n - CoreCrypto \n - CoreText \n - Dev Tools \n - Disk Images \n - dyld \n - EFI \n - Finder \n - Game Center \n - Heimdal \n - ICU \n - Install Framework Legacy \n - Intel Graphics Driver \n - IOAudioFamily \n - IOGraphics \n - IOHIDFamily \n - IOStorageFamily \n - Kernel \n - libc \n - libpthread \n - libxpc \n - Login Window \n - lukemftpd \n - Mail \n - Multipeer Connectivity \n - NetworkExtension \n - Notes \n - OpenSSH \n - OpenSSL \n - procmail \n - remote_cmds \n - removefile \n - Ruby \n - Safari \n - Safari Downloads \n - Safari Extensions \n - Safari Safe Browsing \n - Security \n - SMB \n - SQLite \n - Telephony \n - Terminal \n - tidy \n - Time Machine \n - WebKit \n - WebKit CSS \n - WebKit JavaScript Bindings \n - WebKit Page Loading \n - WebKit Plug-ins", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-10-28T00:00:00", "type": "nessus", "title": "Mac OS X < 10.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-6277", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5824", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "8982.PRM", "href": "https://www.tenable.com/plugins/nnm/8982", "sourceData": "Binary data 8982.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:19", "description": "The remote host is running a version of iOS that is prior to version 9.0 and the following components contain vulnerabilities :\n\n - Apple Pay \n - AppleKeyStore \n - Application Store \n - Audio \n - Certificate Trust Policy \n - CFNetwork \n - CFNetwork Cookies \n - CFNetwork FTPProtocol \n - CFNetwork Proxies \n - CFNetwork SSL \n - CoreAnimation \n - CoreCrypto \n - CoreText \n - Data Detectors Engine \n - Dev Tools \n - Disk Images \n - dyld \n - Game Center \n - ICU \n - IOAcceleratorFamily \n - IOHIDFamily \n - IOKit \n - IOMobileFrameBuffer \n - IOStorageFamily \n - iTunes Store \n - JavaScriptCore \n - Kernel \n - libc \n - libpthread \n - Mail \n - Multipeer Connectivity \n - NetworkExtension \n - OpenSSL \n - PluginKit \n - removefile \n - Safari \n - Safari Safe Browsing \n - Security \n - Siri \n - SpringBoard \n - SQLite \n - tidy \n - WebKit \n - WebKit Canvas \n - WebKit Page Loading", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "nessus", "title": "Apple iOS < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1129", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5748", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5829", "CVE-2015-5831", "CVE-2015-5832", "CVE-2015-5834", "CVE-2015-5835", "CVE-2015-5837", "CVE-2015-5838", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5843", "CVE-2015-5844", "CVE-2015-5845", "CVE-2015-5846", "CVE-2015-5847", "CVE-2015-5848", "CVE-2015-5850", "CVE-2015-5851", "CVE-2015-5855", "CVE-2015-5856", "CVE-2015-5857", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5861", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5874", "CVE-2015-5876", "CVE-2015-5879", "CVE-2015-5880", "CVE-2015-5882", "CVE-2015-5885", "CVE-2015-5892", "CVE-2015-5896", "CVE-2015-5898", "CVE-2015-5899", "CVE-2015-5903", "CVE-2015-5904", "CVE-2015-5905", "CVE-2015-5906", "CVE-2015-5907", "CVE-2015-5912", "CVE-2015-5916", "CVE-2015-5921", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8979.PRM", "href": "https://www.tenable.com/plugins/nnm/8979", "sourceData": "Binary data 8979.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:08", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-10-05T00:00:00", "type": "nessus", "title": "Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-6277", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922", "CVE-2015-7760", "CVE-2015-7761"], "modified": "2019-06-20T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_11.NASL", "href": "https://www.tenable.com/plugins/nessus/86270", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86270);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/06/20 11:24:24\");\n\n script_cve_id(\n \"CVE-2013-3951\",\n \"CVE-2014-2532\",\n \"CVE-2014-3618\",\n \"CVE-2014-6277\",\n \"CVE-2014-7186\",\n \"CVE-2014-7187\",\n \"CVE-2014-8080\",\n \"CVE-2014-8090\",\n \"CVE-2014-8146\",\n \"CVE-2014-8147\",\n \"CVE-2014-8611\",\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9705\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-1351\",\n \"CVE-2015-1352\",\n \"CVE-2015-1855\",\n \"CVE-2015-2301\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3785\",\n \"CVE-2015-3801\",\n \"CVE-2015-5522\",\n \"CVE-2015-5523\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5824\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\",\n \"CVE-2015-5830\",\n \"CVE-2015-5831\",\n \"CVE-2015-5833\",\n \"CVE-2015-5836\",\n \"CVE-2015-5839\",\n \"CVE-2015-5840\",\n \"CVE-2015-5841\",\n \"CVE-2015-5842\",\n \"CVE-2015-5847\",\n \"CVE-2015-5849\",\n \"CVE-2015-5851\",\n \"CVE-2015-5853\",\n \"CVE-2015-5854\",\n \"CVE-2015-5855\",\n \"CVE-2015-5858\",\n \"CVE-2015-5860\",\n \"CVE-2015-5862\",\n \"CVE-2015-5863\",\n \"CVE-2015-5864\",\n \"CVE-2015-5865\",\n \"CVE-2015-5866\",\n \"CVE-2015-5867\",\n \"CVE-2015-5868\",\n \"CVE-2015-5869\",\n \"CVE-2015-5870\",\n \"CVE-2015-5871\",\n \"CVE-2015-5872\",\n \"CVE-2015-5873\",\n \"CVE-2015-5874\",\n \"CVE-2015-5875\",\n \"CVE-2015-5876\",\n \"CVE-2015-5877\",\n \"CVE-2015-5878\",\n \"CVE-2015-5879\",\n \"CVE-2015-5881\",\n \"CVE-2015-5882\",\n \"CVE-2015-5883\",\n \"CVE-2015-5884\",\n \"CVE-2015-5885\",\n \"CVE-2015-5887\",\n \"CVE-2015-5888\",\n \"CVE-2015-5889\",\n \"CVE-2015-5890\",\n \"CVE-2015-5891\",\n \"CVE-2015-5893\",\n \"CVE-2015-5894\",\n \"CVE-2015-5896\",\n \"CVE-2015-5897\",\n \"CVE-2015-5899\",\n \"CVE-2015-5900\",\n \"CVE-2015-5901\",\n \"CVE-2015-5902\",\n \"CVE-2015-5903\",\n \"CVE-2015-5912\",\n \"CVE-2015-5913\",\n \"CVE-2015-5914\",\n \"CVE-2015-5915\",\n \"CVE-2015-5917\",\n \"CVE-2015-5922\",\n \"CVE-2015-7760\",\n \"CVE-2015-7761\"\n );\n script_bugtraq_id(\n 60440,\n 66355,\n 69573,\n 70152,\n 70154,\n 70165,\n 70935,\n 71230,\n 71621,\n 71800,\n 71833,\n 71929,\n 71932,\n 72325,\n 72505,\n 72539,\n 72541,\n 72611,\n 72701,\n 73031,\n 73037,\n 73225,\n 73227,\n 73306,\n 73431,\n 73434,\n 74204,\n 74228,\n 74239,\n 74240,\n 74446,\n 74457,\n 75037,\n 76763,\n 76764,\n 76765,\n 76766,\n 76908,\n 76909,\n 76910,\n 76911,\n 79707\n );\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-3\");\n\n script_name(english:\"Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.6.8 or\nlater but prior to 10.11. It is, therefore, affected by multiple\nvulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205267\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76b3b492\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-6277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (\n version !~ \"^10\\.6\\.([89]|[1-9][0-9]+)\" &&\n version !~ \"^10\\.([7-9]|10)\\.\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.6.8 or later\", \"Mac OS X \"+version);\n\nfixed_version = \"10.11\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected since it is running Mac OS X \"+version+\".\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T13:26:57", "description": "## Releases\n\n * Ubuntu 15.04 \n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * sqlite3 \\- C library that implements an SQL database engine\n\nIt was discovered that SQLite incorrectly handled skip-scan optimization. \nAn attacker could use this issue to cause applications using SQLite to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of \ncollation-sequence names. An attacker could use this issue to cause \napplications using SQLite to crash, resulting in a denial of service, or \npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS \nand Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison \noperators. An attacker could use this issue to cause applications using \nSQLite to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision \nand width values during floating-point conversions. An attacker could use \nthis issue to cause applications using SQLite to crash, resulting in a \ndenial of service, or possibly execute arbitrary code. (CVE-2015-3416)\n", "cvss3": {}, "published": "2015-07-30T00:00:00", "type": "ubuntu", "title": "SQLite vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7443", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-07-30T00:00:00", "id": "USN-2698-1", "href": "https://ubuntu.com/security/notices/USN-2698-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openwrt": [{"lastseen": "2016-09-26T15:45:23", "description": "The php package has been rebuilt and was uploaded to the Chaos Calmer\n15.05 repository due to multiple security issues.\n\n\nVERSION\n\n5.6.8-1 =&gt; 5.6.17-1\n\n\nCHANGELOG\n\n[Sun, 24 Jan 2016 21:47:52 +0100 18d121b]\n\nUpdate to 5.6.17\n\nFixes CVE-2016-1903.\n\n[Wed, 23 Dec 2015 16:00:14 -0500 766cfcc]\n\nUpdate to 5.6.16\n\n[Wed, 23 Dec 2015 16:00:04 -0500 41f541b]\n\nUpdate to 5.6.15\n\n[Wed, 23 Dec 2015 15:59:54 -0500 0df349f]\n\nUpdate to 5.6.14\n\n[Wed, 23 Dec 2015 15:59:43 -0500 196b622]\n\nUpdate to 5.6.13\n\n[Wed, 23 Dec 2015 15:59:32 -0500 1cbcdf7]\n\nFix the two different maintainer fields into one (fixes #1688)\n\n[Wed, 23 Dec 2015 15:59:21 -0500 9bbdad4]\n\nUpdate to 5.6.12\n\n[Wed, 23 Dec 2015 15:59:10 -0500 6cba0bf]\n\nThis fixes the following CVEs:\n - in PCRE: CVE-2015-2325, CVE-2015-2326\n - in sqlite3: CVE-2015-3414, CVE-2015-3415, CVE-2015-3416\n\n[Wed, 23 Dec 2015 15:58:46 -0500 559df39]\n\nThis fixes CVE-2006-7243, a multipart/form-data remote dos\nvulnerability, a heap buffer overflow in unpack and a integer overflow\nin ftp_genlist, which also results in a heap overflow. For more details,\nsee http://php.net/ChangeLog-5.php#5.6.9\n\nAlso sync the timezone patch with latest version from Debian and adopt\nthis patch for the changes in this php release.\n\nRefresh 950-Fix-dl-cross-compiling-issue.patch.\n\n[Wed, 23 Dec 2015 15:58:27 -0500 f0a0448]\n\nThis patch adds build infrastructure for PHP's OPcache extension.\nCompared with the other extension, this is a Zend module and it need a\nlittle workaround during cross-compiling.\n\n[Wed, 23 Dec 2015 15:57:57 -0500 f04165e]\n\nPecl: move phpize into prepare stage\n\nThis allows pecl modules to rely on PKG_FIXUP:=autoreconf.\n\n\nCHANGES\n\n lang/php5/Makefile | 24 ++-\n lang/php5/files/php.ini | 10 ++\n ...bian_patches_use_embedded_timezonedb.patch | 136 ++++++++------\n ...xt-opcache-fix-detection-of-shm-mmap.patch | 159 +++++++++++++++++\n .../950-Fix-dl-cross-compiling-issue.patch | 23 ++-\n lang/php5/pecl.mk | 7 +-\n 6 files changed, 277 insertions(+), 82 deletions(-)", "cvss3": {}, "published": "2016-01-28T12:23:45", "type": "openwrt", "title": "php: Security update (7 CVEs)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-2325", "CVE-2016-1903", "CVE-2006-7243", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-2326"], "modified": "2016-01-28T12:23:45", "id": "OPENWRT-SA-000002", "href": "https://lists.openwrt.org/pipermail/openwrt-security-announce/2016-January/000002.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated firefox, thunderbird, and sqlite3 packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it (CVE-2015-2708, CVE-2015-2710, CVE-2015-2713). A heap-based buffer overflow flaw was found in the way Firefox and Thunderbird processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Firefox or Thunderbird, could cause it to crash or execute arbitrary code with the privileges of the user running it (CVE-2015-2716). SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement (CVE-2015-3414). The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&amp;O;>O) in a CREATE TABLE statement (CVE-2015-3415). The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement (CVE-2015-3416). The sqlite3 package has been updated to version 3.10.8, fixing the CVE-2015-3414, CVE-2015-3415, and CVE-2015-3416 security issues, also fixing heap overflow and other possible issues found by fuzzing, as well as containing many other bug fixes and enhancements. The nss package has been updated to version 3.19, containing multiple root certificate updates, security enhancements, and other bug fixes. \n", "cvss3": {}, "published": "2015-05-18T19:08:05", "type": "mageia", "title": "Updated Firefox, Thunderbird & sqlite3 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2708", "CVE-2015-2710", "CVE-2015-2713", "CVE-2015-2716", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-05-18T19:08:05", "id": "MGASA-2015-0234", "href": "https://advisories.mageia.org/MGASA-2015-0234.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2021-07-28T14:46:47", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.4.43-i486-1_slack14.1.txz: Upgraded.\n This update fixes some bugs and security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.43-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.43-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.43-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.43-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.11-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.11-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\nf34f96584f242735830b866d3daf7cef php-5.4.43-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n8271dca3b5409ce7b73d30628aa0ace4 php-5.4.43-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n6eb81ab4a6f09e4a8b4d4d5e7cbbda57 php-5.4.43-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n3a4a3f2d94af2fafb2a624d4c83c9ca3 php-5.4.43-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n020ea5fa030e4970859f79c598a1e9b5 n/php-5.6.11-i586-1.txz\n\nSlackware x86_64 -current package:\n681ed93dadf75420ca2ee5d03b369da0 n/php-5.6.11-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.43-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2015-07-17T20:25:21", "type": "slackware", "title": "[slackware-security] php", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3152", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-17T20:25:21", "id": "SSA-2015-198-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.420251", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "apple": [{"lastseen": "2021-11-10T17:00:51", "description": "# About the security content of iTunes 12.6\n\nThis document describes the security content of iTunes 12.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.6\n\nReleased March 21, 2017\n\n**iTunes**\n\nAvailable for: OS X Mavericks v10.9.5 and later\n\nImpact: Multiple issues in SQLite\n\nDescription: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.\n\nCVE-2013-7443\n\nCVE-2015-3414\n\nCVE-2015-3415\n\nCVE-2015-3416\n\nCVE-2015-3717\n\nCVE-2015-6607\n\nCVE-2016-6153\n\n**iTunes**\n\nAvailable for: OS X Mavericks v10.9.5 and later\n\nImpact: Multiple issues in expat\n\nDescription: Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.\n\nCVE-2009-3270\n\nCVE-2009-3560\n\nCVE-2009-3720\n\nCVE-2012-1147\n\nCVE-2012-1148\n\nCVE-2012-6702\n\nCVE-2015-1283\n\nCVE-2016-0718\n\nCVE-2016-4472\n\nCVE-2016-5300\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 22, 2017\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-21T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.6", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153"], "modified": "2017-03-21T00:00:00", "id": "APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754", "href": "https://support.apple.com/kb/HT207598", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-24T20:43:18", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.6\n\nReleased March 21, 2017\n\n**iTunes**\n\nAvailable for: OS X Mavericks v10.9.5 and later\n\nImpact: Multiple issues in SQLite\n\nDescription: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.\n\nCVE-2013-7443\n\nCVE-2015-3414\n\nCVE-2015-3415\n\nCVE-2015-3416\n\nCVE-2015-3717\n\nCVE-2015-6607\n\nCVE-2016-6153\n\n**iTunes**\n\nAvailable for: OS X Mavericks v10.9.5 and later\n\nImpact: Multiple issues in expat\n\nDescription: Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.\n\nCVE-2009-3270\n\nCVE-2009-3560\n\nCVE-2009-3720\n\nCVE-2012-1147\n\nCVE-2012-1148\n\nCVE-2012-6702\n\nCVE-2015-1283\n\nCVE-2016-0718\n\nCVE-2016-4472\n\nCVE-2016-5300\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-03-22T07:40:40", "title": "About the security content of iTunes 12.6 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "modified": "2017-03-22T07:40:40", "id": "APPLE:HT207598", "href": "https://support.apple.com/kb/HT207598", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-24T20:44:14", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.6 for Windows\n\nReleased March 21, 2017\n\n**APNs Server**\n\nAvailable for: Windows 7 and later\n\nImpact: An attacker in a privileged network position can track a user's activity\n\nDescription: A client certificate was sent in plaintext. This issue was addressed through improved certificate handling.\n\nCVE-2017-2383: Matthias Wachs and Quirin Scheitle of Technical University Munich (TUM)\n\nEntry added March 28, 2017\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in SQLite\n\nDescription: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.\n\nCVE-2013-7443\n\nCVE-2015-3414\n\nCVE-2015-3415\n\nCVE-2015-3416\n\nCVE-2015-3717\n\nCVE-2015-6607\n\nCVE-2016-6153\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in expat\n\nDescription: Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.\n\nCVE-2009-3270\n\nCVE-2009-3560\n\nCVE-2009-3720\n\nCVE-2012-1147\n\nCVE-2012-1148\n\nCVE-2012-6702\n\nCVE-2015-1283\n\nCVE-2016-0718\n\nCVE-2016-4472\n\nCVE-2016-5300\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple vulnerabilities in libxslt\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2017-5029: Holger Fuhrmannek\n\nEntry added March 28, 2017\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2017-2463: Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative\n\nEntry added March 28, 2017\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may exfiltrate data cross-origin\n\nDescription: A validation issue existed in element handling. This issue was addressed through improved validation.\n\nCVE-2017-2479: lokihardt of Google Project Zero\n\nCVE-2017-2480: lokihardt of Google Project Zero\n\nCVE-2017-2493: lokihardt of Google Project Zero\n\nEntry updated April 24, 2017\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-12-11T11:38:44", "title": "About the security content of iTunes 12.6 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2479", "CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2017-2480", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2017-5029", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2017-2463", "CVE-2016-4472", "CVE-2017-2493", "CVE-2013-7443", "CVE-2017-2383"], "modified": "2017-12-11T11:38:44", "id": "APPLE:HT207599", "href": "https://support.apple.com/kb/HT207599", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-11-10T17:00:51", "description": "# About the security content of iTunes 12.6 for Windows\n\nThis document describes the security content of iTunes 12.6 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.6 for Windows\n\nReleased March 21, 2017\n\n**APNs Server**\n\nAvailable for: Windows 7 and later\n\nImpact: An attacker in a privileged network position can track a user's activity\n\nDescription: A client certificate was sent in plaintext. This issue was addressed through improved certificate handling.\n\nCVE-2017-2383: Matthias Wachs and Quirin Scheitle of Technical University Munich (TUM)\n\nEntry added March 28, 2017\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in SQLite\n\nDescription: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.\n\nCVE-2013-7443\n\nCVE-2015-3414\n\nCVE-2015-3415\n\nCVE-2015-3416\n\nCVE-2015-3717\n\nCVE-2015-6607\n\nCVE-2016-6153\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in expat\n\nDescription: Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.\n\nCVE-2009-3270\n\nCVE-2009-3560\n\nCVE-2009-3720\n\nCVE-2012-1147\n\nCVE-2012-1148\n\nCVE-2012-6702\n\nCVE-2015-1283\n\nCVE-2016-0718\n\nCVE-2016-4472\n\nCVE-2016-5300\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple vulnerabilities in libxslt\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2017-5029: Holger Fuhrmannek\n\nEntry added March 28, 2017\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2017-2463: Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative\n\nEntry added March 28, 2017\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may exfiltrate data cross-origin\n\nDescription: A validation issue existed in element handling. This issue was addressed through improved validation.\n\nCVE-2017-2479: lokihardt of Google Project Zero\n\nCVE-2017-2480: lokihardt of Google Project Zero\n\nCVE-2017-2493: lokihardt of Google Project Zero\n\nEntry updated April 24, 2017\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: December 11, 2017\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-21T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.6 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153", "CVE-2017-2383", "CVE-2017-2463", "CVE-2017-2479", "CVE-2017-2480", "CVE-2017-2493", "CVE-2017-5029"], "modified": "2017-03-21T00:00:00", "id": "APPLE:198F1AB81F91F2CEB090B4B4D49C57AD", "href": "https://support.apple.com/kb/HT207599", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2022-11-06T17:58:39", "description": "An update that fixes 21 vulnerabilities, contains one\n feature is now available.\n\nDescription:\n\n This update for sqlite3 fixes the following issues:\n\n - Update to version 3.36.0\n - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to\n mishandling of query-flattener\n optimization (bsc#1173641)\n - CVE-2020-9327: NULL pointer dereference and segmentation fault because\n of generated column optimizations in isAuxiliaryVtabOperator\n (bsc#1164719)\n - CVE-2019-20218: selectExpander in select.c proceeds with WITH stack\n unwinding even after a parsing error (bsc#1160439)\n - CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving\n embedded '\\0' input (bsc#1160438)\n - CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT\n in flattenSubquery may lead to null pointer dereference (bsc#1160309)\n - CVE-2019-19924: improper error handling in sqlite3WindowRewrite()\n (bsc#1159850)\n - CVE-2019-19925: improper handling of NULL pathname during an update of a\n ZIP archive (bsc#1159847)\n - CVE-2019-19926: improper handling of certain errors during parsing\n multiSelect in select.c (bsc#1159715)\n - CVE-2019-19880: exprListAppendList in window.c allows attackers to\n trigger an invalid pointer dereference (bsc#1159491)\n - CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW\n statements, does not consider confusion with a shadow table name\n (bsc#1158960)\n - CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check\n PRAGMA command in certain cases of generated columns (bsc#1158959)\n - CVE-2019-19645: alter.c allows attackers to trigger infinite recursion\n via certain types of self-referential views in conjunction with ALTER\n TABLE statements (bsc#1158958)\n - CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed\n bitmask in the case of a generated column, which allows attackers to\n cause a denial of service (bsc#1158812)\n - CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in\n select.c allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage (bsc#1157818)\n - CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability\n (bsc#928701)\n - CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names\n (bsc#928700)\n - CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)\n - CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow\n - CVE-2020-13631: virtual table allowed to be renamed to one of its shadow\n tables (bsc#1172236)\n - CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query\n (bsc#1172240)\n - CVE-2020-13435: Malicious SQL statements could have crashed the process\n that is running SQLite (bsc#1172091)\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2021-2320=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "suse", "title": "Security update for sqlite3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2021-07-14T00:00:00", "id": "OPENSUSE-SU-2021:2320-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JD4EZ74IZ57MKTDKDVIUAIG6VCAEKMD5/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-10T04:09:11", "description": "An update that fixes 21 vulnerabilities, contains one\n feature is now available.\n\nDescription:\n\n This update for sqlite3 fixes the following issues:\n\n - Update to version 3.36.0\n - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to\n mishandling of query-flattener\n optimization (bsc#1173641)\n - CVE-2020-9327: NULL pointer dereference and segmentation fault because\n of generated column optimizations in isAuxiliaryVtabOperator\n (bsc#1164719)\n - CVE-2019-20218: selectExpander in select.c proceeds with WITH stack\n unwinding even after a parsing error (bsc#1160439)\n - CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving\n embedded '\\0' input (bsc#1160438)\n - CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT\n in flattenSubquery may lead to null pointer dereference (bsc#1160309)\n - CVE-2019-19924: improper error handling in sqlite3WindowRewrite()\n (bsc#1159850)\n - CVE-2019-19925: improper handling of NULL pathname during an update of a\n ZIP archive (bsc#1159847)\n - CVE-2019-19926: improper handling of certain errors during parsing\n multiSelect in select.c (bsc#1159715)\n - CVE-2019-19880: exprListAppendList in window.c allows attackers to\n trigger an invalid pointer dereference (bsc#1159491)\n - CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW\n statements, does not consider confusion with a shadow table name\n (bsc#1158960)\n - CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check\n PRAGMA command in certain cases of generated columns (bsc#1158959)\n - CVE-2019-19645: alter.c allows attackers to trigger infinite recursion\n via certain types of self-referential views in conjunction with ALTER\n TABLE statements (bsc#1158958)\n - CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed\n bitmask in the case of a generated column, which allows attackers to\n cause a denial of service (bsc#1158812)\n - CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in\n select.c allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage (bsc#1157818)\n - CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability\n (bsc#928701)\n - CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names\n (bsc#928700)\n - CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)\n - CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow\n - CVE-2020-13631: virtual table allowed to be renamed to one of its shadow\n tables (bsc#1172236)\n - CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query\n (bsc#1172240)\n - CVE-2020-13435: Malicious SQL statements could have crashed the process\n that is running SQLite (bsc#1172091)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-1058=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-20T00:00:00", "type": "suse", "title": "Security update for sqlite3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2021-07-20T00:00:00", "id": "OPENSUSE-SU-2021:1058-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SB6Z44NRR3L5O3VXGRWAB7XUKDS4TMFZ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oracle": [{"lastseen": "2021-10-22T15:44:23", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to: \n\n * Critical Patch Updates, Security Alerts and Bulletins for information about Oracle Security Advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 334 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2420273.1>).\n\nMany industry experts anticipate that exploits leveraging known flaws in modern processor designs will continue to be disclosed for the foreseeable future (i.e., \u201cSpectre\u201d variants). For information related to these issues, please refer to:\n\n * the January 2018 Critical Patch Update (and later) Advisories,\n * the \"Addendum to the January 2018 Critical Patch Update Advisory for Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754)\" ([Doc ID 2347948.1](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2347948.1>)), and\n * \"Information about processor vulnerabilities CVE-2018-3640 (\"Spectre v3a\") and CVE-2018-3639 (\"Spectre v4\")\" ([Doc ID 2399123.1](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2399123.1>)).\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-17T00:00:00", "title": "CPU July 2018", "type": "oracle", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600", "CVE-2018-3010", "CVE-2017-5533", "CVE-2018-3004", "CVE-2015-5351", "CVE-2018-3091", "CVE-2018-3021", "CVE-2017-13218", "CVE-2017-9798", "CVE-2018-3109", "CVE-2018-2935", "CVE-2018-1000120", "CVE-2018-2948", "CVE-2018-3019", "CVE-2011-4461", "CVE-2018-2984", "CVE-2016-7103", "CVE-2017-5753", "CVE-2018-2893", "CVE-2018-2917", "CVE-2018-2981", "CVE-2017-10989", "CVE-2017-5754", "CVE-2018-3098", "CVE-2018-2965", "CVE-2018-3029", "CVE-2018-3072", "CVE-2018-1304", "CVE-2018-2969", "CVE-2018-2955", "CVE-2018-3104", "CVE-2018-3079", "CVE-2018-2906", "CVE-2018-3048", "CVE-2015-6420", "CVE-2018-2988", "CVE-2018-2944", "CVE-2018-3093", "CVE-2018-2881", "CVE-2015-3415", "CVE-2018-3055", "CVE-2017-6074", "CVE-2018-3050", "CVE-2016-5019", "CVE-2018-3027", "CVE-2018-3025", "CVE-2018-2951", "CVE-2018-3046", "CVE-2018-1275", "CVE-2018-2990", "CVE-2018-7489", "CVE-2018-2980", "CVE-2018-3069", "CVE-2018-2894", "CVE-2018-2954", "CVE-2018-3053", "CVE-2018-2953", "CVE-2018-2938", "CVE-2016-4055", "CVE-2018-3008", "CVE-2016-9878", "CVE-2017-3735", "CVE-2018-2973", "CVE-2015-5262", "CVE-2018-3009", "CVE-2014-0230", "CVE-2018-2947", "CVE-2018-1271", "CVE-2018-3015", "CVE-2018-3096", "CVE-2018-2989", "CVE-2018-2897", "CVE-2018-2961", "CVE-2018-2920", "CVE-2018-3006", "CVE-2018-1000121", "CVE-2016-0714", "CVE-2018-2994", "CVE-2016-3092", "CVE-2018-3043", "CVE-2018-2937", "CVE-2018-2924", "CVE-2018-2966", "CVE-2017-3652", "CVE-2016-5300", "CVE-2018-3031", "CVE-2018-2908", "CVE-2018-1171", "CVE-2018-3100", "CVE-2017-3648", "CVE-2014-9746", "CVE-2018-2992", "CVE-2015-5345", "CVE-2018-3002", "CVE-2018-2942", "CVE-2018-3061", "CVE-2018-3075", "CVE-2016-2105", "CVE-2018-2998", "CVE-2014-3577", "CVE-2018-2956", "CVE-2018-2975", "CVE-2016-2107", "CVE-2016-4463", "CVE-2018-3044", "CVE-2015-7501", "CVE-2018-2976", "CVE-2018-2999", "CVE-2017-3649", "CVE-2018-3101", "CVE-2018-3067", "CVE-2017-0785", "CVE-2017-3737", "CVE-2018-2962", "CVE-2018-2926", "CVE-2017-15707", "CVE-2018-2958", "CVE-2016-1182", "CVE-2018-1258", "CVE-2018-3073", "CVE-2018-1000122", "CVE-2018-1305", "CVE-2018-3095", "CVE-2017-13088", "CVE-2018-2977", "CVE-2017-5662", "CVE-2018-2995", "CVE-2017-9526", "CVE-2018-3086", "CVE-2018-2964", "CVE-2018-3047", "CVE-2018-2985", "CVE-2018-3032", "CVE-2018-2960", "CVE-2018-2997", "CVE-2018-2972", "CVE-2018-3034", "CVE-2018-3023", "CVE-2018-2904", "CVE-2016-0718", "CVE-2018-2882", "CVE-2018-3065", "CVE-2018-3102", "CVE-2014-2532", "CVE-2018-2957", "CVE-2017-5715", "CVE-2018-3057", "CVE-2016-2109", "CVE-2017-3633", "CVE-2018-2921", "CVE-2018-2915", "CVE-2018-1000300", "CVE-2017-3647", "CVE-2018-2959", "CVE-2018-2767", "CVE-2014-0114", "CVE-2018-3080", "CVE-2018-2934", "CVE-2017-3732", "CVE-2018-2949", "CVE-2018-3089", "CVE-2018-2945", "CVE-2018-2943", "CVE-2018-0739", "CVE-2015-5346", "CVE-2018-2896", "CVE-2018-3013", "CVE-2018-2936", "CVE-2018-2986", "CVE-2018-2905", "CVE-2018-2916", "CVE-2018-3087", "CVE-2018-3007", "CVE-2015-3416", "CVE-2018-1313", "CVE-2018-2991", "CVE-2018-2598", "CVE-2018-3033", "CVE-2018-8013", "CVE-2015-5174", "CVE-2014-9029", "CVE-2018-3012", "CVE-2018-3036", "CVE-2018-3062", "CVE-2018-3108", "CVE-2018-1272", "CVE-2018-2987", "CVE-2017-7525", "CVE-2018-3060", "CVE-2018-3071", "CVE-2018-3014", "CVE-2018-3051", "CVE-2015-3414", "CVE-2018-3103", "CVE-2018-2979", "CVE-2018-2993", "CVE-2018-3092", "CVE-2015-0204", "CVE-2014-7810", "CVE-2018-3022", "CVE-2018-1270", "CVE-2018-2903", "CVE-2017-3651", "CVE-2018-3058", "CVE-2016-0706", "CVE-2017-3641", "CVE-2018-2928", "CVE-2017-5664", "CVE-2018-2900", "CVE-2018-2898", "CVE-2018-3003", "CVE-2018-3001", "CVE-2018-2950", "CVE-2018-2929", "CVE-2018-0733", "CVE-2017-3635", "CVE-2018-3094", "CVE-2016-1181", "CVE-2018-2941", "CVE-2014-8157", "CVE-2018-2933", "CVE-2018-3017", "CVE-2016-9843", "CVE-2018-2946", "CVE-2016-2176", "CVE-2016-8735", "CVE-2018-2940", "CVE-2017-3738", "CVE-2018-2930", "CVE-2018-3049", "CVE-2018-2918", "CVE-2018-3076", "CVE-2018-2982", "CVE-2018-3041", "CVE-2016-5195", "CVE-2018-3026", "CVE-2018-2901", "CVE-2018-2939", "CVE-2018-3081", "CVE-2018-3085", "CVE-2017-5645", "CVE-2016-2099", "CVE-2018-3024", "CVE-2018-2892", "CVE-2018-3070", "CVE-2018-3018", "CVE-2017-12617", "CVE-2018-3077", "CVE-2018-3054", "CVE-2017-5529", "CVE-2017-3653", "CVE-2016-9841", "CVE-2015-7940", "CVE-2018-2970", "CVE-2018-2963", "CVE-2017-3736", "CVE-2018-3028", "CVE-2018-3074", "CVE-2018-3052", "CVE-2018-3063", "CVE-2017-0379", "CVE-2018-2919", "CVE-2018-3039", "CVE-2018-3082", "CVE-2018-2899", "CVE-2018-2974", "CVE-2018-2932", "CVE-2018-3038", "CVE-2018-3097", "CVE-2018-3020", "CVE-2016-3506", "CVE-2018-3005", "CVE-2018-3090", "CVE-2017-3636", "CVE-2018-3035", "CVE-2018-2968", "CVE-2018-2907", "CVE-2017-15095", "CVE-2018-3064", "CVE-2018-3037", "CVE-2018-2895", "CVE-2018-3068", "CVE-2018-3078", "CVE-2018-2996", "CVE-2018-2923", "CVE-2018-3030", "CVE-2018-3099", "CVE-2018-3084", "CVE-2016-2106", "CVE-2017-3634", "CVE-2016-6814", "CVE-2018-3066", "CVE-2018-2925", "CVE-2018-3056", "CVE-2018-3639", "CVE-2018-1000301", "CVE-2018-3040", "CVE-2018-3000", "CVE-2018-3045", "CVE-2018-3640", "CVE-2018-3016", "CVE-2018-3088", "CVE-2018-2967", "CVE-2018-2888", "CVE-2018-1327", "CVE-2018-2927", "CVE-2018-2952", "CVE-2018-3105", "CVE-2018-3042", "CVE-2018-2891", "CVE-2018-2978"], "modified": "2018-10-12T00:00:00", "id": "ORACLE:CPUJUL2018", "href": "https://www.oracle.com/security-alerts/cpujul2018.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}