DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2018-9251", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-9251", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.", "published": "2018-04-04T02:29:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "HIGH", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6}, "severity": "LOW", "exploitabilityScore": 4.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 1.6, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9251", "reporter": "cve@mitre.org", "references": ["https://bugzilla.gnome.org/show_bug.cgi?id=794914", "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"], "cvelist": ["CVE-2015-8035", "CVE-2018-9251"], "immutableFields": [], "lastseen": "2022-03-23T18:52:09", "viewCount": 118, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2020-1415", "ALAS2-2020-1466"]}, {"type": "apple", "idList": ["APPLE:30DAD52FE6873B43EFC82661563B56D6", "APPLE:73A5DE43E262286D306BB143FE6D4F15", "APPLE:781D931DB9B2E3B8255557FD7BF0D6F8", "APPLE:87561C7576B031D8E8098D98D5BACF41", "APPLE:HT206166", "APPLE:HT206167", "APPLE:HT206168", "APPLE:HT206169"]}, {"type": "archlinux", "idList": ["ASA-201512-6", "ASA-201810-3", "ASA-201810-4"]}, {"type": "centos", "idList": ["CESA-2020:1190"]}, {"type": "cve", "idList": ["CVE-2015-8035", "CVE-2018-14567"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1524-1:818AD", "DEBIAN:DSA-3430-1:21018", "DEBIAN:DSA-3430-1:A974A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-8035", "DEBIANCVE:CVE-2018-14567", "DEBIANCVE:CVE-2018-9251"]}, {"type": "f5", "idList": ["F5:K76678525"]}, {"type": "fedora", "idList": ["FEDORA:454A0601DA33", "FEDORA:473D96090BE2", "FEDORA:4959A6092042", "FEDORA:8FB206094351", "FEDORA:94363633518A", "FEDORA:DA47C616A923"]}, {"type": "freebsd", "idList": ["E5423CAF-8FB8-11E5-918C-BCAEC565249C"]}, {"type": "gentoo", "idList": ["GLSA-201701-37"]}, {"type": "ibm", "idList": ["244ECED1318E3472926D72334F870E4E52EEBDA4CBF4408680F466AF6B21AED2", "2C79ED95B1DDF725C67F241D5C01546FA0476ABBA3CE0E75B8B5CD09C4F93D6C", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D4D9239D39380DAAAF0663AA50B7560152F0E3980E2EE27DD40046B16E4D33B3", "D911317A5AB78973EC0BCDD274D56A8146D89345FD34F13DAEEC08B6503FEAE0", "DAE66C3F24DC9C9F32A4918C846A8F515A6E526CE6B4F5F2BBF09EFE18B62398"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "mageia", "idList": ["MGASA-2015-0433", "MGASA-2019-0047"]}, {"type": "nessus", "idList": ["9327.PRM", "9331.PRM", "9336.PRM", "AL2_ALAS-2020-1466.NASL", "ALA_ALAS-2020-1415.NASL", "APPLETV_9_2.NASL", "APPLE_IOS_93_CHECK.NBIN", "CENTOS8_RHSA-2020-1827.NASL", "CENTOS_RHSA-2020-1190.NASL", "DEBIAN_DLA-1524.NASL", "DEBIAN_DSA-3430.NASL", "EULEROS_SA-2019-1316.NASL", "EULEROS_SA-2019-1559.NASL", "EULEROS_SA-2019-2211.NASL", "EULEROS_SA-2019-2491.NASL", "EULEROS_SA-2019-2626.NASL", "EULEROS_SA-2020-1268.NASL", "FEDORA_2015-037F844D3E.NASL", "FEDORA_2015-C24AF963A2.NASL", "FEDORA_2016-189A7BF68C.NASL", "FEDORA_2016-A9EE80B01D.NASL", "FEDORA_2018-3B782350FF.NASL", "FEDORA_2018-E198CF4A64.NASL", "FREEBSD_PKG_E5423CAF8FB811E5918CBCAEC565249C.NASL", "GENTOO_GLSA-201701-37.NASL", "HPSMH_7_5_5.NASL", "JUNIPER_JSA10916.NASL", "LCE_4_8_0.NASL", "MACOSX_10_11_4.NASL", "MACOSX_SECUPD2016-002.NASL", "NEWSTART_CGSL_NS-SA-2020-0060_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2020-0091_LIBXML2.NASL", "OPENSUSE-2015-959.NASL", "OPENSUSE-2016-32.NASL", "OPENSUSE-2018-1149.NASL", "OPENSUSE-2018-1150.NASL", "OPENSUSE-2019-785.NASL", "PHOTONOS_PHSA-2019-3_0-0024_LIBXML2.NASL", "REDHAT-RHSA-2020-1190.NASL", "REDHAT-RHSA-2020-1827.NASL", "SL_20200407_LIBXML2_ON_SL7_X.NASL", "SUSE_SU-2016-0049-1.NASL", "SUSE_SU-2018-3080-1.NASL", "SUSE_SU-2018-3081-1.NASL", "UBUNTU_USN-2812-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310131110", "OPENVAS:1361412562310703430", "OPENVAS:1361412562310806693", "OPENVAS:1361412562310806695", "OPENVAS:1361412562310806792", "OPENVAS:1361412562310807268", "OPENVAS:1361412562310807598", "OPENVAS:1361412562310813437", "OPENVAS:1361412562310842535", "OPENVAS:1361412562310851931", "OPENVAS:1361412562310852042", "OPENVAS:1361412562310874903", "OPENVAS:1361412562310874921", "OPENVAS:1361412562310891524", "OPENVAS:1361412562311220191316", "OPENVAS:1361412562311220191559", "OPENVAS:1361412562311220192211", "OPENVAS:1361412562311220192491", "OPENVAS:1361412562311220192626", "OPENVAS:1361412562311220201268", "OPENVAS:703430"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1190", "ELSA-2020-1827"]}, {"type": "osv", "idList": ["OSV:DLA-1524-1", "OSV:DSA-3430-1"]}, {"type": "photon", "idList": ["PHSA-2019-0024", "PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2020:1190", "RHSA-2020:1827", "RHSA-2020:3194", "RHSA-2020:4298"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-14567", "RH:CVE-2018-9251"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2015-1819"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3107-1", "OPENSUSE-SU-2018:3110-1", "SUSE-SU-2016:0786-1"]}, {"type": "ubuntu", "idList": ["USN-2812-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-8035", "UB:CVE-2018-14567", "UB:CVE-2018-9251"]}, {"type": "veracode", "idList": ["VERACODE:25098"]}]}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-201810-3", "ASA-201810-4"]}, {"type": "cve", "idList": ["CVE-2015-8035"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1524-1:818AD"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-9251"]}, {"type": "f5", "idList": ["F5:K76678525"]}, {"type": "fedora", "idList": ["FEDORA:94363633518A", "FEDORA:DA47C616A923"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "nessus", "idList": ["FEDORA_2018-E198CF4A64.NASL", "OPENSUSE-2018-1149.NASL", "OPENSUSE-2018-1150.NASL", "SUSE_SU-2018-3081-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310874903", "OPENVAS:1361412562310874921"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1827"]}, {"type": "photon", "idList": ["PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2020:1827"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-9251"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3107-1", "OPENSUSE-SU-2018:3110-1"]}]}, "exploitation": null, "vulnersScore": 5.3}, "_state": {"dependencies": 1659988328, "score": 1659848886}, "_internal": {"score_hash": "16aff258f5dc043d75c0123a32968d49"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:xmlsoft:libxml2:2.9.8"], "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.9.8:*:*:*:*:*:*:*"], "cwe": ["CWE-835"], "affectedSoftware": [{"cpeName": "xmlsoft:libxml2", "version": "2.9.8", "operator": "eq", "name": "xmlsoft libxml2"}, {"cpeName": "debian:debian_linux", "version": "8.0", "operator": "eq", "name": "debian debian linux"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:2.9.8:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://bugzilla.gnome.org/show_bug.cgi?id=794914", "name": "https://bugzilla.gnome.org/show_bug.cgi?id=794914", "refsource": "MISC", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update", "refsource": "MLIST", "tags": ["Third Party Advisory"]}]}

{"ubuntucve": [{"lastseen": "2022-08-04T13:50:54", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used,\nallows remote attackers to cause a denial of service (infinite loop) via a\ncrafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by\nxmllint, a different vulnerability than CVE-2015-8035.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[leosilva](<https://launchpad.net/~leosilva>) | it's only affect if e2a9122b8dde53d320750451e9907a7dcb2ca8bb was applied, and it's not the case.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-04-04T00:00:00", "type": "ubuntucve", "title": "CVE-2018-9251", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-9251"], "modified": "2018-04-04T00:00:00", "id": "UB:CVE-2018-9251", "href": "https://ubuntu.com/security/CVE-2018-9251", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:47:30", "description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a\ndenial of service (infinite loop) via a crafted XML file that triggers\nLZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability\nthan CVE-2015-8035 and CVE-2018-9251.\n\n#### Bugs\n\n * <https://gitlab.gnome.org/GNOME/libxml2/issues/13>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[leosilva](<https://launchpad.net/~leosilva>) | precise/esm version has not LZMA support\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-31T00:00:00", "type": "ubuntucve", "title": "CVE-2018-14567", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2018-07-31T00:00:00", "id": "UB:CVE-2018-14567", "href": "https://ubuntu.com/security/CVE-2018-14567", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:14:36", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect\ncompression errors, which allows context-dependent attackers to cause a\ndenial of service (process hang) via crafted XML data.\n\n#### Bugs\n\n * <https://bugzilla.gnome.org/show_bug.cgi?id=757466>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The test xz file does not trigger the DoS in our 2.9.2 builds. xz support was accidentally disabled in 2.9.2. Marking the devel release as 'needed' so that the build system fix (18b8988511b0954272cac4d6c3e6724f9dbf6e0a) doesn't slip in without this CVE fix.\n", "cvss3": {}, "published": "2015-11-02T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8035", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035"], "modified": "2015-11-02T00:00:00", "id": "UB:CVE-2015-8035", "href": "https://ubuntu.com/security/CVE-2015-8035", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-09T17:33:34", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-04-04T02:29:00", "type": "debiancve", "title": "CVE-2018-9251", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-9251"], "modified": "2018-04-04T02:29:00", "id": "DEBIANCVE:CVE-2018-9251", "href": "https://security-tracker.debian.org/tracker/CVE-2018-9251", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-09T17:33:34", "description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-08-16T20:29:00", "type": "debiancve", "title": "CVE-2018-14567", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2018-08-16T20:29:00", "id": "DEBIANCVE:CVE-2018-14567", "href": "https://security-tracker.debian.org/tracker/CVE-2018-14567", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-09T17:33:33", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.", "cvss3": {}, "published": "2015-11-18T16:59:00", "type": "debiancve", "title": "CVE-2015-8035", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035"], "modified": "2015-11-18T16:59:00", "id": "DEBIANCVE:CVE-2015-8035", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8035", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-07T11:10:42", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-04-09T20:20:56", "type": "redhatcve", "title": "CVE-2018-9251", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-9251"], "modified": "2022-07-07T11:08:38", "id": "RH:CVE-2018-9251", "href": "https://access.redhat.com/security/cve/cve-2018-9251", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T11:10:41", "description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-08-22T02:19:05", "type": "redhatcve", "title": "CVE-2018-14567", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-07-07T10:30:31", "id": "RH:CVE-2018-14567", "href": "https://access.redhat.com/security/cve/cve-2018-14567", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T13:17:34", "description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-08-16T20:29:00", "type": "cve", "title": "CVE-2018-14567", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-09-10T01:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:xmlsoft:libxml2:2.9.8"], "id": "CVE-2018-14567", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14567", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T14:09:56", "description": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.", "cvss3": {}, "published": "2015-11-18T16:59:00", "type": "cve", "title": "CVE-2015-8035", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:xmlsoft:libxml2:2.9.1", "cpe:/o:apple:mac_os_x:10.11.3", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:apple:iphone_os:9.2.1", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:apple:tvos:9.1", "cpe:/o:apple:watchos:2.1"], "id": "CVE-2015-8035", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8035", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:apple:watchos:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:9.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-10-16T00:26:33", "description": "An update of the libxml2 package has been released.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Libxml2 PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9251"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxml2", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_LIBXML2.NASL", "href": "https://www.tenable.com/plugins/nessus/128154", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128154);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2018-9251\");\n\n script_name(english:\"Photon OS 3.0: Libxml2 PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxml2 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9251\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxml2-2.9.9-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxml2-debuginfo-2.9.9-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxml2-devel-2.9.9-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxml2-python-2.9.9-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T00:47:52", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1827 advisory.\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-11-18T00:00:00", "type": "nessus", "title": "RHEL 8 : libxml2 (RHSA-2020:1827)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9251", "CVE-2018-14404"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:python3-libxml2"], "id": "REDHAT-RHSA-2020-1827.NASL", "href": "https://www.tenable.com/plugins/nessus/143009", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1827. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143009);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-9251\", \"CVE-2018-14404\");\n script_xref(name:\"RHSA\", value:\"2020:1827\");\n\n script_name(english:\"RHEL 8 : libxml2 (RHSA-2020:1827)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1827 advisory.\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/835.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-9251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1827\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1565318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1595985\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14404\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(476, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libxml2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-libxml2-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-libxml2-2.9.7-7.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-libxml2-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:31:20", "description": "Fix few CVEs\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-08-10T00:00:00", "type": "nessus", "title": "Fedora 27 : libxml2 (2018-e198cf4a64)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-E198CF4A64.NASL", "href": "https://www.tenable.com/plugins/nessus/111621", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-e198cf4a64.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111621);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-9251\");\n script_xref(name:\"FEDORA\", value:\"2018-e198cf4a64\");\n\n script_name(english:\"Fedora 27 : libxml2 (2018-e198cf4a64)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix few CVEs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-e198cf4a64\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"libxml2-2.9.8-4.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:29:01", "description": "Fix few CVEs\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : libxml2 (2018-3b782350ff)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-3B782350FF.NASL", "href": "https://www.tenable.com/plugins/nessus/120363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-3b782350ff.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120363);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-9251\");\n script_xref(name:\"FEDORA\", value:\"2018-3b782350ff\");\n\n script_name(english:\"Fedora 28 : libxml2 (2018-3b782350ff)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix few CVEs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b782350ff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"libxml2-2.9.8-4.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:06:27", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1827 advisory.\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : libxml2 (CESA-2020:1827)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9251", "CVE-2018-14404"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:python3-libxml2"], "id": "CENTOS8_RHSA-2020-1827.NASL", "href": "https://www.tenable.com/plugins/nessus/145930", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1827. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145930);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2018-9251\", \"CVE-2018-14404\");\n script_xref(name:\"RHSA\", value:\"2020:1827\");\n\n script_name(english:\"CentOS 8 : libxml2 (CESA-2020:1827)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1827 advisory.\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1827\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14404\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libxml2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:30:47", "description": "This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166)\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-10-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2018-1150)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-python-debugsource", "p-cpe:/a:novell:opensuse:python2-libxml2-python", "p-cpe:/a:novell:opensuse:python2-libxml2-python-debuginfo", "p-cpe:/a:novell:opensuse:python3-libxml2-python", "p-cpe:/a:novell:opensuse:python3-libxml2-python-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1150.NASL", "href": "https://www.tenable.com/plugins/nessus/118116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1150.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118116);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2018-1150)\");\n script_summary(english:\"Check for the openSUSE-2018-1150 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1088279)\n\n - CVE-2018-14567: Prevent denial of service (infinite\n loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166)\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid\n XPath expression in the XPATH_OP_AND or XPATH_OP_OR case\n leading to a denial of service attack (bsc#1102046)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105166\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-2-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-2-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-debugsource-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-devel-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-tools-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-tools-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python-libxml2-python-debugsource-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python2-libxml2-python-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python2-libxml2-python-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-libxml2-python-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-libxml2-python-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.7-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-debuginfo / libxml2-debugsource / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:59", "description": "This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166)\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2019-785)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-python-debugsource", "p-cpe:/a:novell:opensuse:python2-libxml2-python", "p-cpe:/a:novell:opensuse:python2-libxml2-python-debuginfo", "p-cpe:/a:novell:opensuse:python3-libxml2-python", "p-cpe:/a:novell:opensuse:python3-libxml2-python-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-785.NASL", "href": "https://www.tenable.com/plugins/nessus/123336", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-785.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123336);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2019-785)\");\n script_summary(english:\"Check for the openSUSE-2019-785 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1088279)\n\n - CVE-2018-14567: Prevent denial of service (infinite\n loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166)\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid\n XPath expression in the XPATH_OP_AND or XPATH_OP_OR case\n leading to a denial of service attack (bsc#1102046)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105166\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-2-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-2-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-debugsource-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-devel-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-tools-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libxml2-tools-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python-libxml2-python-debugsource-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python2-libxml2-python-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python2-libxml2-python-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-libxml2-python-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-libxml2-python-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-debuginfo-2.9.7-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.7-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-32bit-debuginfo / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:29:12", "description": "This update for libxml2 fixes the following security issues :\n\nCVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n\nCVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166)\n\nCVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2018:3080-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-debugsource", "p-cpe:/a:novell:suse_linux:libxml2-devel", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2-python-debugsource", "p-cpe:/a:novell:suse_linux:python2-libxml2-python", "p-cpe:/a:novell:suse_linux:python2-libxml2-python-debuginfo", "p-cpe:/a:novell:suse_linux:python3-libxml2-python", "p-cpe:/a:novell:suse_linux:python3-libxml2-python-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-3080-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3080-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120125);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/16\");\n\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2018:3080-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following security issues :\n\nCVE-2018-9251: The xz_decomp function allowed remote attackers to\ncause a denial of service (infinite loop) via a crafted XML file that\ntriggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n\nCVE-2018-14567: Prevent denial of service (infinite loop) via a\ncrafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by\nxmllint (bsc#1105166)\n\nCVE-2018-14404: Prevent NULL pointer dereference in the\nxmlXPathCompOpEval() function when parsing an invalid XPath expression\nin the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\nattack (bsc#1102046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14404/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14567/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9251/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183080-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d57ed144\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2182=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python2-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python2-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-libxml2-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-2-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-2-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-debugsource-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-devel-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-tools-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libxml2-tools-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"python-libxml2-python-debugsource-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"python2-libxml2-python-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"python2-libxml2-python-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"python3-libxml2-python-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"python3-libxml2-python-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-2-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-2-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-debugsource-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-devel-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-tools-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libxml2-tools-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"python-libxml2-python-debugsource-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"python2-libxml2-python-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"python2-libxml2-python-debuginfo-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"python3-libxml2-python-2.9.7-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"python3-libxml2-python-debuginfo-2.9.7-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:15:34", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected by multiple vulnerabilities:\n\n - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131)\n\n - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2017-15412)\n\n - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.\n Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.\n (CVE-2015-8035)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0060_LIBXML2.NASL", "href": "https://www.tenable.com/plugins/nessus/143906", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0060. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143906);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2016-5131\",\n \"CVE-2017-15412\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n script_bugtraq_id(\n 77390,\n 92053,\n 102098,\n 105198\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0060)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected\nby multiple vulnerabilities:\n\n - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82,\n allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors\n related to the XPointer range-to function. (CVE-2016-5131)\n\n - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products,\n allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2017-15412)\n\n - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2\n through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.\n Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable\n to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite\n loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different\n vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of\n service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict\n memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which\n allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.\n (CVE-2015-8035)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0060\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL libxml2 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15412\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'libxml2-2.9.1-6.el7.4',\n 'libxml2-debuginfo-2.9.1-6.el7.4',\n 'libxml2-devel-2.9.1-6.el7.4',\n 'libxml2-python-2.9.1-6.el7.4',\n 'libxml2-static-2.9.1-6.el7.4'\n ],\n 'CGSL MAIN 5.04': [\n 'libxml2-2.9.1-6.el7.4',\n 'libxml2-debuginfo-2.9.1-6.el7.4',\n 'libxml2-devel-2.9.1-6.el7.4',\n 'libxml2-python-2.9.1-6.el7.4',\n 'libxml2-static-2.9.1-6.el7.4'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-16T15:22:55", "description": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n(CVE-2017-15412)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.\n(CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251 . (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.\n(CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-07-23T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : libxml2 (ALAS-2020-1466)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-07-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxml2", "p-cpe:/a:amazon:linux:libxml2-debuginfo", "p-cpe:/a:amazon:linux:libxml2-devel", "p-cpe:/a:amazon:linux:libxml2-python", "p-cpe:/a:amazon:linux:libxml2-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1466.NASL", "href": "https://www.tenable.com/plugins/nessus/138855", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1466.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138855);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/27\");\n\n script_cve_id(\"CVE-2015-8035\", \"CVE-2016-5131\", \"CVE-2017-15412\", \"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\");\n script_xref(name:\"ALAS\", value:\"2020-1466\");\n\n script_name(english:\"Amazon Linux 2 : libxml2 (ALAS-2020-1466)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A NULL pointer dereference vulnerability exists in the\nxpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when\nparsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR\ncase. Applications processing untrusted XSL format inputs with the use\nof the libxml2 library may be vulnerable to a denial of service attack\ndue to a crash of the application. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior\nto 63.0.3239.84 and other products, allowed a remote attacker to\npotentially exploit heap corruption via a crafted HTML page.\n(CVE-2017-15412)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to crash.\n(CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to\ncause a denial of service (infinite loop) via a crafted XML file that\ntriggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different\nvulnerability than CVE-2015-8035 and CVE-2018-9251 . (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote\nattackers to cause a denial of service (memory consumption) via a\ncrafted LZMA file, because the decoder functionality does not restrict\nmemory usage to what is required for a legitimate file.\n(CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in\nGoogle Chrome before 52.0.2743.82, allows remote attackers to cause a\ndenial of service or possibly have unspecified other impact via\nvectors related to the XPointer range-to function. (CVE-2016-5131)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1466.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update libxml2' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-2.9.1-6.amzn2.4.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-debuginfo-2.9.1-6.amzn2.4.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-devel-2.9.1-6.amzn2.4.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-python-2.9.1-6.amzn2.4.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-static-2.9.1-6.amzn2.4.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-16T15:25:53", "description": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file. (CVE-2017-15412)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.\n(CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251 . (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.\n(CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : libxml2 (ALAS-2020-1415)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxml2", "p-cpe:/a:amazon:linux:libxml2-debuginfo", "p-cpe:/a:amazon:linux:libxml2-devel", "p-cpe:/a:amazon:linux:libxml2-python26", "p-cpe:/a:amazon:linux:libxml2-python27", "p-cpe:/a:amazon:linux:libxml2-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1415.NASL", "href": "https://www.tenable.com/plugins/nessus/139549", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1415.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139549);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2016-5131\",\n \"CVE-2017-15412\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n script_xref(name:\"ALAS\", value:\"2020-1415\");\n\n script_name(english:\"Amazon Linux AMI : libxml2 (ALAS-2020-1415)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"A NULL pointer dereference vulnerability exists in the\nxpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when\nparsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR\ncase. Applications processing untrusted XSL format inputs with the use\nof the libxml2 library may be vulnerable to a denial of service attack\ndue to a crash of the application. A NULL pointer dereference\nvulnerability exists in the xpath.c:xmlXPathCompOpEval() function of\nlibxml2 when parsing invalid XPath expression. Applications processing\nuntrusted XSL format inputs with the use of libxml2 library may be\nvulnerable to denial of service attack due to crash of the\napplication. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior\nto 63.0.3239.84 and other products, allowed a remote attacker to\npotentially exploit heap corruption via a crafted HTML page. A\nuse-after-free flaw was found in the libxml2 library. An attacker\ncould use this flaw to cause an application linked against libxml2 to\ncrash when parsing a specially crafted XML file. (CVE-2017-15412)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly\ndetect compression errors, which allows context-dependent attackers to\ncause a denial of service (process hang) via crafted XML data. A\ndenial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to crash.\n(CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to\ncause a denial of service (infinite loop) via a crafted XML file that\ntriggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different\nvulnerability than CVE-2015-8035 and CVE-2018-9251 . (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote\nattackers to cause a denial of service (memory consumption) via a\ncrafted LZMA file, because the decoder functionality does not restrict\nmemory usage to what is required for a legitimate file.\n(CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in\nGoogle Chrome before 52.0.2743.82, allows remote attackers to cause a\ndenial of service or possibly have unspecified other impact via\nvectors related to the XPointer range-to function. (CVE-2016-5131)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1415.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update libxml2' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15412\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-2.9.1-6.4.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-debuginfo-2.9.1-6.4.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-devel-2.9.1-6.4.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-python26-2.9.1-6.4.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-python27-2.9.1-6.4.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-static-2.9.1-6.4.40.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python26 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-16T15:44:36", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libxml2 packages installed that are affected by multiple vulnerabilities:\n\n - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131)\n\n - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2017-15412)\n\n - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.\n Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.\n (CVE-2015-8035)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0091)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0091_LIBXML2.NASL", "href": "https://www.tenable.com/plugins/nessus/143920", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0091. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143920);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2016-5131\",\n \"CVE-2017-15412\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n script_bugtraq_id(\n 77390,\n 92053,\n 102098,\n 105198\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0091)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libxml2 packages installed that are affected\nby multiple vulnerabilities:\n\n - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82,\n allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors\n related to the XPointer range-to function. (CVE-2016-5131)\n\n - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products,\n allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2017-15412)\n\n - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2\n through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.\n Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable\n to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite\n loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different\n vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of\n service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict\n memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which\n allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.\n (CVE-2015-8035)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0091\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL libxml2 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15412\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'libxml2-2.9.1-6.el7.4',\n 'libxml2-debuginfo-2.9.1-6.el7.4',\n 'libxml2-devel-2.9.1-6.el7.4',\n 'libxml2-python-2.9.1-6.el7.4',\n 'libxml2-static-2.9.1-6.el7.4'\n ],\n 'CGSL MAIN 5.05': [\n 'libxml2-2.9.1-6.el7.4',\n 'libxml2-debuginfo-2.9.1-6.el7.4',\n 'libxml2-devel-2.9.1-6.el7.4',\n 'libxml2-python-2.9.1-6.el7.4',\n 'libxml2-static-2.9.1-6.el7.4'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:03:42", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android.\n Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.(CVE-2017-0663)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.(CVE-2015-8035)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\n\n - ** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libxml2 (EulerOS-SA-2019-2491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2017-0663", "CVE-2017-18258", "CVE-2017-5969", "CVE-2017-8872", "CVE-2017-9048", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2491.NASL", "href": "https://www.tenable.com/plugins/nessus/131644", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131644);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2017-0663\",\n \"CVE-2017-5969\",\n \"CVE-2017-8872\",\n \"CVE-2017-9048\",\n \"CVE-2017-18258\",\n \"CVE-2018-14567\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libxml2 (EulerOS-SA-2019-2491)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A remote code execution vulnerability in libxml2 could\n enable an attacker using a specially crafted file to\n execute arbitrary code within the context of an\n unprivileged process. This issue is rated as High due\n to the possibility of remote code execution in an\n application that uses this library. Product: Android.\n Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,\n 7.1.2. Android ID: A-37104170.(CVE-2017-0663)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a\n different vulnerability than CVE-2015-8035 and\n CVE-2018-9251.(CVE-2018-14567)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in\n libxml2 2.9.4 allows attackers to cause a denial of\n service (buffer over-read) or information\n disclosure.(CVE-2017-8872)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n stack-based buffer overflow. The function\n xmlSnprintfElementContent in valid.c is supposed to\n recursively dump the element content definition into a\n char buffer 'buf' of size 'size'. At the end of the\n routine, the function may strcat two more characters\n without checking whether the current strlen(buf) + 2 <\n size. This vulnerability causes programs that use\n libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.1 does\n not properly detect compression errors, which allows\n context-dependent attackers to cause a denial of\n service (process hang) via crafted XML\n data.(CVE-2015-8035)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6\n allows remote attackers to cause a denial of service\n (memory consumption) via a crafted LZMA file, because\n the decoder functionality does not restrict memory\n usage to what is required for a legitimate\n file.(CVE-2017-18258)\n\n - ** DISPUTED ** libxml2 2.9.4, when used in recover\n mode, allows remote attackers to cause a denial of\n service (NULL pointer dereference) via a crafted XML\n document. NOTE: The maintainer states 'I would disagree\n of a CVE with the Recover parsing option which should\n only be used for manual recovery at least for XML\n parser.'(CVE-2017-5969)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2491\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ee5278\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-0663\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-8872\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h18\",\n \"libxml2-devel-2.9.1-6.3.h18\",\n \"libxml2-python-2.9.1-6.3.h18\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T21:20:35", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.(CVE-2017-9050)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.(CVE-2018-9251)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : libxml2 (EulerOS-SA-2020-1268)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-1839", "CVE-2017-8872", "CVE-2017-9048", "CVE-2017-9049", "CVE-2017-9050", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1268.NASL", "href": "https://www.tenable.com/plugins/nessus/134734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134734);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-8872\",\n \"CVE-2017-9048\",\n \"CVE-2017-9049\",\n \"CVE-2017-9050\",\n \"CVE-2018-14567\",\n \"CVE-2018-9251\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : libxml2 (EulerOS-SA-2020-1268)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n heap-based buffer over-read in the xmlDictAddString\n function in dict.c. This vulnerability causes programs\n that use libxml2, such as PHP, to crash. This\n vulnerability exists because of an incomplete fix for\n CVE-2016-1839.(CVE-2017-9050)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n heap-based buffer over-read in the\n xmlDictComputeFastKey function in dict.c. This\n vulnerability causes programs that use libxml2, such as\n PHP, to crash. This vulnerability exists because of an\n incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n stack-based buffer overflow. The function\n xmlSnprintfElementContent in valid.c is supposed to\n recursively dump the element content definition into a\n char buffer 'buf' of size 'size'. At the end of the\n routine, the function may strcat two more characters\n without checking whether the current strlen(buf) + 2 <\n size. This vulnerability causes programs that use\n libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in\n libxml2 2.9.4 allows attackers to cause a denial of\n service (buffer over-read) or information\n disclosure.(CVE-2017-8872)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a\n denial of service (infinite loop) via a crafted XML\n file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated\n by xmllint, a different vulnerability than\n CVE-2015-8035.(CVE-2018-9251)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a\n different vulnerability than CVE-2015-8035 and\n CVE-2018-9251.(CVE-2018-14567)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1268\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?814b9c2e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h17\",\n \"libxml2-devel-2.9.1-6.3.h17\",\n \"libxml2-python-2.9.1-6.3.h17\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-03-27T15:54:58", "description": "This update for libxml2 fixes the following security issues :\n\nCVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).\n\nCVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166).\n\nCVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046).\n\nCVE-2017-18258: The xz_head function allowed remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality did not restrict memory usage to what is required for a legitimate file (bsc#1088601).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-10-10T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2018:3081-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-02-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-debugsource", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2", "p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3081-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118032", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3081-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118032);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/10\");\n\n script_cve_id(\"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2018:3081-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxml2 fixes the following security issues :\n\nCVE-2018-9251: The xz_decomp function allowed remote attackers to\ncause a denial of service (infinite loop) via a crafted XML file that\ntriggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n(bsc#1088279).\n\nCVE-2018-14567: Prevent denial of service (infinite loop) via a\ncrafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by\nxmllint (bsc#1105166).\n\nCVE-2018-14404: Prevent NULL pointer dereference in the\nxmlXPathCompOpEval() function when parsing an invalid XPath expression\nin the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\nattack (bsc#1102046).\n\nCVE-2017-18258: The xz_head function allowed remote attackers to cause\na denial of service (memory consumption) via a crafted LZMA file,\nbecause the decoder functionality did not restrict memory usage to\nwhat is required for a legitimate file (bsc#1088601).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088601\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18258/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14404/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14567/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9251/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183081-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01eed67d\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2181=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2181=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2181=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2181=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14404\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-2-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-2-32bit-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-2-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-2-debuginfo-32bit-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-debugsource-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-tools-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libxml2-tools-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-libxml2-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-libxml2-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-libxml2-debugsource-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.4-46.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.4-46.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:30:47", "description": "This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).\n\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166).\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046).\n\n - CVE-2017-18258: The xz_head function allowed remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality did not restrict memory usage to what is required for a legitimate file (bsc#1088601).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-10-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2018-1149)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1149.NASL", "href": "https://www.tenable.com/plugins/nessus/118115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1149.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118115);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2018-1149)\");\n script_summary(english:\"Check for the openSUSE-2018-1149 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following security issues :\n\n - CVE-2018-9251: The xz_decomp function allowed remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1088279).\n\n - CVE-2018-14567: Prevent denial of service (infinite\n loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166).\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid\n XPath expression in the XPATH_OP_AND or XPATH_OP_OR case\n leading to a denial of service attack (bsc#1102046).\n\n - CVE-2017-18258: The xz_head function allowed remote\n attackers to cause a denial of service (memory\n consumption) via a crafted LZMA file, because the\n decoder functionality did not restrict memory usage to\n what is required for a legitimate file (bsc#1088601).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088601\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105166\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-2-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-2-debuginfo-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-debugsource-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-devel-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-tools-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libxml2-tools-debuginfo-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"python-libxml2-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"python-libxml2-debuginfo-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"python-libxml2-debugsource-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.4-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.4-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:31:09", "description": "CVE-2018-14404 Fix of a NULL pointer dereference which might result in a crash and thus in a denial of service.\n\nCVE-2018-14567 and CVE-2018-9251 Approvement in LZMA error handling which prevents an infinite loop.\n\nCVE-2017-18258 Limit available memory to 100MB to avoid exhaustive memory consumption by malicious files.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.9.1+dfsg1-5+deb8u7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-09-28T00:00:00", "type": "nessus", "title": "Debian DLA-1524-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:libxml2-utils-dbg", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1524.NASL", "href": "https://www.tenable.com/plugins/nessus/117811", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1524-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117811);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n\n script_name(english:\"Debian DLA-1524-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2018-14404 Fix of a NULL pointer dereference which might result in\na crash and thus in a denial of service.\n\nCVE-2018-14567 and CVE-2018-9251 Approvement in LZMA error handling\nwhich prevents an infinite loop.\n\nCVE-2017-18258 Limit available memory to 100MB to avoid exhaustive\nmemory consumption by malicious files.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.9.1+dfsg1-5+deb8u7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxml2\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dev\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-doc\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T17:02:04", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library.Security Fix(es):** DISPUTED\n ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE:\n The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.(CVE-2018-14404)libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.(CVE-2015-8035)The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2019-2626)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2017-18258", "CVE-2017-5969", "CVE-2017-8872", "CVE-2017-9048", "CVE-2017-9049", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2626.NASL", "href": "https://www.tenable.com/plugins/nessus/132161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132161);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2017-18258\",\n \"CVE-2017-5969\",\n \"CVE-2017-8872\",\n \"CVE-2017-9048\",\n \"CVE-2017-9049\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2019-2626)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - This library allows to manipulate XML files. It\n includes support to read, modify and write XML and HTML\n files. There is DTDs support this includes parsing and\n validation even with complex DtDs, either at parse time\n or later once the document has been modified. The\n output can be a simple SAX stream or and in-memory DOM\n like representations. In this case one can use the\n built-in XPath and XPointer implementation to select\n sub nodes or ranges. A flexible Input/Output mechanism\n is available, with existing HTTP and FTP modules and\n combined to an URI library.Security Fix(es):** DISPUTED\n ** libxml2 2.9.4, when used in recover mode, allows\n remote attackers to cause a denial of service (NULL\n pointer dereference) via a crafted XML document. NOTE:\n The maintainer states 'I would disagree of a CVE with\n the Recover parsing option which should only be used\n for manual recovery at least for XML\n parser.'(CVE-2017-5969)A NULL pointer dereference\n vulnerability exists in the\n xpath.c:xmlXPathCompOpEval() function of libxml2\n through 2.9.8 when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case. Applications\n processing untrusted XSL format inputs with the use of\n the libxml2 library may be vulnerable to a denial of\n service attack due to a crash of the\n application.(CVE-2018-14404)libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a\n denial of service (infinite loop) via a crafted XML\n file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated\n by xmllint, a different vulnerability than\n CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)libxml2\n 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n heap-based buffer over-read in the\n xmlDictComputeFastKey function in dict.c. This\n vulnerability causes programs that use libxml2, such as\n PHP, to crash. This vulnerability exists because of an\n incomplete fix for libxml2 Bug\n 759398.(CVE-2017-9049)libxml2\n 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n stack-based buffer overflow. The function\n xmlSnprintfElementContent in valid.c is supposed to\n recursively dump the element content definition into a\n char buffer 'buf' of size 'size'. At the end of the\n routine, the function may strcat two more characters\n without checking whether the current strlen(buf) + 2 <\n size. This vulnerability causes programs that use\n libxml2, such as PHP, to crash.(CVE-2017-9048)The\n htmlParseTryOrFinish function in HTMLparser.c in\n libxml2 2.9.4 allows attackers to cause a denial of\n service (buffer over-read) or information\n disclosure.(CVE-2017-8872)The xz_decomp function in\n xzlib.c in libxml2 2.9.1 does not properly detect\n compression errors, which allows context-dependent\n attackers to cause a denial of service (process hang)\n via crafted XML data.(CVE-2015-8035)The xz_head\n function in xzlib.c in libxml2 before 2.9.6 allows\n remote attackers to cause a denial of service (memory\n consumption) via a crafted LZMA file, because the\n decoder functionality does not restrict memory usage to\n what is required for a legitimate file.(CVE-2017-18258)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2626\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c6b15be1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h17\",\n \"libxml2-devel-2.9.1-6.3.h17\",\n \"libxml2-python-2.9.1-6.3.h17\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-06-16T20:23:35", "description": "The version of Tenable Log Correlation Engine (LCE) installed on the remote host is a version prior to 4.8.0. It is, therefore, affected by a denial of service vulnerability in the bundled version of Libxml2 due to an infinite loop condition in the xz_decomp() function. An unauthenticated, remote attacker can exploit this by convincing a user to input specially crafted XML content, to exhaust available system resources, resulting in a denial of service condition.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2016-04-25T00:00:00", "type": "nessus", "title": "Tenable Log Correlation Engine (LCE) < 4.8.0 Libxml2 DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035"], "modified": "2021-10-25T00:00:00", "cpe": ["cpe:/a:tenable:log_correlation_engine"], "id": "LCE_4_8_0.NASL", "href": "https://www.tenable.com/plugins/nessus/90706", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90706);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/25\");\n\n script_cve_id(\"CVE-2015-8035\");\n script_bugtraq_id(77390);\n\n script_name(english:\"Tenable Log Correlation Engine (LCE) < 4.8.0 Libxml2 DoS\");\n script_summary(english:\"Performs a version check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A data aggregation application installed on the remote host is\naffected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tenable Log Correlation Engine (LCE) installed on the\nremote host is a version prior to 4.8.0. It is, therefore, affected by\na denial of service vulnerability in the bundled version of Libxml2\ndue to an infinite loop condition in the xz_decomp() function. An\nunauthenticated, remote attacker can exploit this by convincing a user\nto input specially crafted XML content, to exhaust available system\nresources, resulting in a denial of service condition.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2016-06\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/oss-sec/2015/q4/206\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable LCE version 4.8.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8035\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:log_correlation_engine\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"lce_installed.nbin\");\n script_require_keys(\"installed_sw/Log Correlation Engine Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"Log Correlation Engine Server\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\nfixed_version = '4.8.0';\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n security_report_v4(\n port:0,\n severity:SECURITY_NOTE,\n extra:\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n'\n );\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-24T21:39:18", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the '<!DOCTYPE html' substring in a crafted HTML document.(CVE-2015-8806)\n\n - libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.(CVE-2017-9050)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.(CVE-2018-9251)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-2211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2015-8806", "CVE-2016-1839", "CVE-2017-5969", "CVE-2017-8872", "CVE-2017-9048", "CVE-2017-9049", "CVE-2017-9050", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2211.NASL", "href": "https://www.tenable.com/plugins/nessus/130673", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130673);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-8806\",\n \"CVE-2017-5969\",\n \"CVE-2017-8872\",\n \"CVE-2017-9048\",\n \"CVE-2017-9049\",\n \"CVE-2017-9050\",\n \"CVE-2018-14567\",\n \"CVE-2018-9251\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-2211)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - dict.c in libxml2 allows remote attackers to cause a\n denial of service (heap-based buffer over-read and\n application crash) via an unexpected character\n immediately after the '<!DOCTYPE html' substring in a\n crafted HTML document.(CVE-2015-8806)\n\n - libxml2 2.9.4, when used in recover mode, allows remote\n attackers to cause a denial of service (NULL pointer\n dereference) via a crafted XML document. NOTE: The\n maintainer states 'I would disagree of a CVE with the\n Recover parsing option which should only be used for\n manual recovery at least for XML\n parser.'(CVE-2017-5969)\n\n - The htmlParseTryOrFinish function in HTMLparser.c in\n libxml2 2.9.4 allows attackers to cause a denial of\n service (buffer over-read) or information\n disclosure.(CVE-2017-8872)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n stack-based buffer overflow. The function\n xmlSnprintfElementContent in valid.c is supposed to\n recursively dump the element content definition into a\n char buffer 'buf' of size 'size'. At the end of the\n routine, the function may strcat two more characters\n without checking whether the current strlen(buf) + 2 <\n size. This vulnerability causes programs that use\n libxml2, such as PHP, to crash.(CVE-2017-9048)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n heap-based buffer over-read in the\n xmlDictComputeFastKey function in dict.c. This\n vulnerability causes programs that use libxml2, such as\n PHP, to crash. This vulnerability exists because of an\n incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\n - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a\n heap-based buffer over-read in the xmlDictAddString\n function in dict.c. This vulnerability causes programs\n that use libxml2, such as PHP, to crash. This\n vulnerability exists because of an incomplete fix for\n CVE-2016-1839.(CVE-2017-9050)\n\n - The xz_decomp function in xzlib.c in libxml2 2.9.8, if\n --with-lzma is used, allows remote attackers to cause a\n denial of service (infinite loop) via a crafted XML\n file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated\n by xmllint, a different vulnerability than\n CVE-2015-8035.(CVE-2018-9251)\n\n - libxml2 2.9.8, if --with-lzma is used, allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a\n different vulnerability than CVE-2015-8035 and\n CVE-2018-9251.(CVE-2018-14567)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2211\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20307672\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h20.eulerosv2r7\",\n \"libxml2-devel-2.9.1-6.3.h20.eulerosv2r7\",\n \"libxml2-python-2.9.1-6.3.h20.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-08-19T12:28:59", "description": "According to its self-reported version number, the remote Juniper Junos device is affected by a Multiple vulnerabilities in libxml2:\n\n- Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.(CVE-2016-4448) \n- The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. (CVE-2016-3627)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-11T00:00:00", "type": "nessus", "title": "Junos OS: Multiple vulnerabilities in libxml2 (JSA10916)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3627", "CVE-2016-3705", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-4449", "CVE-2017-7375", "CVE-2017-18258", "CVE-2018-9251"], "modified": "2021-02-09T00:00:00", "cpe": ["cpe:/o:juniper:junos"], "id": "JUNIPER_JSA10916.NASL", "href": "https://www.tenable.com/plugins/nessus/121070", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121070);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2016-3627\",\n \"CVE-2016-3705\",\n \"CVE-2016-4447\",\n \"CVE-2016-4448\",\n \"CVE-2016-4449\",\n \"CVE-2017-7375\",\n \"CVE-2017-18258\",\n \"CVE-2018-9251\"\n );\n script_xref(name:\"JSA\", value:\"JSA10916\");\n\n script_name(english:\"Junos OS: Multiple vulnerabilities in libxml2 (JSA10916)\");\n script_summary(english:\"Checks the Junos version and build date.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote Juniper\nJunos device is affected by a Multiple vulnerabilities in libxml2:\n\n- Format string vulnerability in libxml2 before 2.9.4 allows \n attackers to have unspecified impact via format string \n specifiers in unknown vectors.(CVE-2016-4448)\n \n- The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and \n earlier, when used in recovery mode, allows context-dependent \n attackers to cause a denial of service (infinite recursion, stack \n consumption, and application crash) via a crafted XML document. \n (CVE-2016-3627)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10916\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the relevant Junos software release referenced in Juniper\nadvisory JSA10916.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4448\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/model\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"junos.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\nmodel = get_kb_item_or_exit('Host/Juniper/model');\n\nfixes = make_array();\n\nfixes['12.3R'] = '12.3R12-S10';\n\nif (model =~ '^SRX')\n{\n fixes['12.1X46'] = '12.1X46-D81';\n fixes['12.3X48'] = '12.3X48-D75';\n fixes['15.1X49'] = '15.1X49-D150';\n}\nif (model =~ '^NFX')\n{\n fixes['15.1X53'] = '15.1X53-D495';\n}\nif (model =~ '^QFX5')\n{\n fixes['15.1X53'] = '15.1X53-D234';\n}\nif (model =~ '^QFX10000')\n{\n fixes['15.1X53'] = '15.1X53-D68';\n}\nif (model =~ '^EX')\n{\n fixes['15.1X53'] = '15.1X53-D590';\n}\nif (model =~ '^EX' || model =~ '^QFX')\n{\n fixes['14.1X53'] = '15.1X53-D590';\n}\nfixes['15.1'] = '15.1R4-S9';\nfixes['15.1F'] = '15.1F6-S11';\nfixes['16.1'] = '16.1R4-S11';\nfixes['16.2'] = '16.2R2-S7';\nfixes['17.1'] = '17.1R2-S9';\nfixes['17.2'] = '17.2R1-S7';\nfixes['17.3'] = '17.3R2-S4';\nfixes['17.4'] = '17.4R2';\nfixes['18.1'] = '18.1R2-S2';\nfixes['18.2'] = '18.2R1-S1';\nfixes['18.2X75'] = '18.2X75-D20';\n\nfix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);\n\nif (report_verbosity > 0)\n{\n report = get_report(ver:ver, fix:fix);\n security_hole(port:0, extra:report);\n}\nelse security_hole(0);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:43:06", "description": "Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : mingw-libxml2-2.9.3-1.fc23 (2016-189a7bf68c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-libxml2", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-189A7BF68C.NASL", "href": "https://www.tenable.com/plugins/nessus/89484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-189a7bf68c.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89484);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"FEDORA\", value:\"2016-189a7bf68c\");\n\n script_name(english:\"Fedora 23 : mingw-libxml2-2.9.3-1.fc23 (2016-189a7bf68c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1262853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1274225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e4706f27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"mingw-libxml2-2.9.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:50", "description": "Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : mingw-libxml2-2.9.3-1.fc22 (2016-a9ee80b01d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-libxml2", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-A9EE80B01D.NASL", "href": "https://www.tenable.com/plugins/nessus/89591", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-a9ee80b01d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89591);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"FEDORA\", value:\"2016-a9ee80b01d\");\n\n script_name(english:\"Fedora 22 : mingw-libxml2-2.9.3-1.fc22 (2016-a9ee80b01d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1262853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1274225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1623b0cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mingw-libxml2-2.9.3-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:20:19", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A null pointer dereference vulnerability exists in the xpath function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.(CVE-2018-14404)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\n\n - A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-8035)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1316)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2017-18258", "CVE-2018-14404"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1316.NASL", "href": "https://www.tenable.com/plugins/nessus/124443", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124443);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1316)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A null pointer dereference vulnerability exists in the\n xpath function of libxml2 when parsing invalid XPath\n expression. Applications processing untrusted XSL\n format inputs with the use of libxml2 library may be\n vulnerable to denial of service attack due to crash of\n the application.(CVE-2018-14404)\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6\n allows remote attackers to cause a denial of service\n (memory consumption) via a crafted LZMA file, because\n the decoder functionality does not restrict memory\n usage to what is required for a legitimate\n file.(CVE-2017-18258)\n\n - A denial of service flaw was found in libxml2. A remote\n attacker could provide a specially crafted XML or HTML\n file that, when processed by an application using\n libxml2, would cause that application to\n crash.(CVE-2015-8035)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1316\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8dbbbe7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h15.eulerosv2r7\",\n \"libxml2-devel-2.9.1-6.3.h15.eulerosv2r7\",\n \"libxml2-python-2.9.1-6.3.h15.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-26T00:07:00", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations.In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library.\n\n - Security Fixi1/4^esi1/4%0:\n\n - Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.i1/4^CVE-2012-2807i1/4%0\n\n - A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.i1/4^CVE-2015-8035i1/4%0\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service i1/4^memory consumptioni1/4%0 via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.i1/4^CVE-2017-18258i1/4%0\n\n - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEvali1/4^i1/4%0 function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.i1/4^CVE-2018-14404i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : libxml2 (EulerOS-SA-2019-1559)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2807", "CVE-2015-8035", "CVE-2017-18258", "CVE-2018-14404"], "modified": "2021-02-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1559.NASL", "href": "https://www.tenable.com/plugins/nessus/125103", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125103);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2012-2807\",\n \"CVE-2015-8035\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\"\n );\n script_bugtraq_id(\n 54203,\n 54718\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : libxml2 (EulerOS-SA-2019-1559)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - This library allows to manipulate XML files. It\n includes support to read, modify and write XML and HTML\n files. There is DTDs support this includes parsing and\n validation even with complex DtDs, either at parse time\n or later once the document has been modified. The\n output can be a simple SAX stream or and in-memory DOM\n like representations.In this case one can use the\n built-in XPath and XPointer implementation to select\n sub nodes or ranges. A flexible Input/Output mechanism\n is available, with existing HTTP and FTP modules and\n combined to an URI library.\n\n - Security Fixi1/4^esi1/4%0:\n\n - Multiple integer overflows in libxml2, as used in\n Google Chrome before 20.0.1132.43 and other products,\n on 64-bit Linux platforms allow remote attackers to\n cause a denial of service or possibly have unspecified\n other impact via unknown vectors.i1/4^CVE-2012-2807i1/4%0\n\n - A denial of service flaw was found in libxml2. A remote\n attacker could provide a specially crafted XML or HTML\n file that, when processed by an application using\n libxml2, would cause that application to\n crash.i1/4^CVE-2015-8035i1/4%0\n\n - The xz_head function in xzlib.c in libxml2 before 2.9.6\n allows remote attackers to cause a denial of service\n i1/4^memory consumptioni1/4%0 via a crafted LZMA file,\n because the decoder functionality does not restrict\n memory usage to what is required for a legitimate\n file.i1/4^CVE-2017-18258i1/4%0\n\n - A NULL pointer dereference vulnerability exists in the\n xpath.c:xmlXPathCompOpEvali1/4^i1/4%0 function of libxml2\n through 2.9.8 when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case. Applications\n processing untrusted XSL format inputs with the use of\n the libxml2 library may be vulnerable to a denial of\n service attack due to a crash of the\n application.i1/4^CVE-2018-14404i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1559\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e2a133c6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxml2-2.9.1-6.3.h14\",\n \"libxml2-devel-2.9.1-6.3.h14\",\n \"libxml2-python-2.9.1-6.3.h14\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:43:58", "description": "Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8035).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-11-17T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2812-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2812-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86897", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2812-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86897);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"USN\", value:\"2812-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2812-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Florian Weimer discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause resource\nconsumption, resulting in a denial of service. This issue only\naffected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain\nXML data. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain\nXML data. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 14.04 LTS. (CVE-2015-8035).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2812-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxml2\", pkgver:\"2.7.8.dfsg-5.1ubuntu4.12\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libxml2\", pkgver:\"2.9.2+dfsg1-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libxml2\", pkgver:\"2.9.2+zdfsg1-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T15:28:47", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1190 advisory.\n\n - libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n - libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n - libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n - libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-01T00:00:00", "type": "nessus", "title": "RHEL 7 : libxml2 (RHSA-2020:1190)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static"], "id": "REDHAT-RHSA-2020-1190.NASL", "href": "https://www.tenable.com/plugins/nessus/135071", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1190. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135071);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2016-5131\",\n \"CVE-2017-15412\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n script_bugtraq_id(\n 77390,\n 92053,\n 102098,\n 105198\n );\n script_xref(name:\"RHSA\", value:\"2020:1190\");\n script_xref(name:\"IAVB\", value:\"2016-B-0083-S\");\n script_xref(name:\"IAVB\", value:\"2016-B-0113-S\");\n script_xref(name:\"IAVB\", value:\"2017-B-0169-S\");\n\n script_name(english:\"RHEL 7 : libxml2 (RHSA-2020:1190)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1190 advisory.\n\n - libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n - libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n - libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n - libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/252.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-8035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2016-5131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-15412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-18258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1277146\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1358641\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1523128\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1566749\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1595985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1619875\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15412\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(252, 400, 476);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-debug-rpms',\n 'rhel-7-for-system-z-fastrack-debug-rpms',\n 'rhel-7-for-system-z-fastrack-rpms',\n 'rhel-7-for-system-z-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-rpms',\n 'rhel-7-for-system-z-optional-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-rpms',\n 'rhel-7-for-system-z-optional-source-rpms',\n 'rhel-7-for-system-z-rpms',\n 'rhel-7-for-system-z-source-rpms',\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-for-system-z-eus-supplementary-rpms',\n 'rhel-7-for-system-z-eus-supplementary-source-rpms',\n 'rhel-7-for-system-z-supplementary-debug-rpms',\n 'rhel-7-for-system-z-supplementary-rpms',\n 'rhel-7-for-system-z-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-source-rpms',\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-python-2.9.1-6.el7.4', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-python-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / libxml2-python / libxml2-static');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T15:30:35", "description": "The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1190 advisory.\n\n - libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n - libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n - libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n - libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "CentOS 7 : libxml2 (CESA-2020:1190)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567"], "modified": "2021-03-16T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-1190.NASL", "href": "https://www.tenable.com/plugins/nessus/135358", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1190 and\n# CentOS Errata and Security Advisory 2020:1190 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135358);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/16\");\n\n script_cve_id(\n \"CVE-2015-8035\",\n \"CVE-2016-5131\",\n \"CVE-2017-15412\",\n \"CVE-2017-18258\",\n \"CVE-2018-14404\",\n \"CVE-2018-14567\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1190\");\n\n script_name(english:\"CentOS 7 : libxml2 (CESA-2020:1190)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1190 advisory.\n\n - libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n - libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n - libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n - libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n - libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n - libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-April/012518.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ed8ea19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/252.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5131\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(252, 400, 476);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.el7.4', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / libxml2-python / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-16T15:12:11", "description": "* libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c * libxml2:\nDoS caused by incorrect error detection during XZ decompression * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c * libxml2: Unrestricted memory usage in xz_head() function in xzlib.c * libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20200407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxml2", "p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxml2-devel", "p-cpe:/a:fermilab:scientific_linux:libxml2-python", "p-cpe:/a:fermilab:scientific_linux:libxml2-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200407_LIBXML2_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135819", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135819);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2015-8035\", \"CVE-2016-5131\", \"CVE-2017-15412\", \"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\");\n\n script_name(english:\"Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20200407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* libxml2: Use after free triggered by XPointer paths beginning with\nrange-to * libxml2: Use after free in\nxmlXPathCompOpEvalPositionalPredicate() function in xpath.c * libxml2:\nDoS caused by incorrect error detection during XZ decompression *\nlibxml2: NULL pointer dereference in xmlXPathCompOpEval() function in\nxpath.c * libxml2: Unrestricted memory usage in xz_head() function in\nxzlib.c * libxml2: Infinite loop caused by incorrect error detection\nduring LZMA decompression\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=12531\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?988a1301\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-2.9.1-6.el7.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-debuginfo-2.9.1-6.el7.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-devel-2.9.1-6.el7.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-python-2.9.1-6.el7.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-static-2.9.1-6.el7.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:04", "description": "reports :\n\nCVE-2015-5312 Another entity expansion issue (David Drysdale).\n\nCVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale).\n\nCVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard).\n\nCVE-2015-7499 (1) Add xmlHaltParser() to stop the parser (Daniel Veillard).\n\nCVE-2015-7499 (2) Detect incoherency on GROW (Daniel Veillard).\n\nCVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard).\n\nCVE-2015-7941 (1) Stop parsing on entities boundaries errors (Daniel Veillard).\n\nCVE-2015-7941 (2) Cleanup conditional section error handling (Daniel Veillard).\n\nCVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard).\n\nCVE-2015-7942 (2) Fix an error in previous Conditional section patch (Daniel Veillard).\n\nCVE-2015-8035 Fix XZ compression support loop (Daniel Veillard).\n\nCVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport)", "cvss3": {"score": null, "vector": null}, "published": "2015-11-23T00:00:00", "type": "nessus", "title": "FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libxml2", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E5423CAF8FB811E5918CBCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/87000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87000);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\");\n\n script_name(english:\"FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"reports :\n\nCVE-2015-5312 Another entity expansion issue (David Drysdale).\n\nCVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey\n(David Drysdale).\n\nCVE-2015-7498 Avoid processing entities after encoding conversion\nfailures (Daniel Veillard).\n\nCVE-2015-7499 (1) Add xmlHaltParser() to stop the parser (Daniel\nVeillard).\n\nCVE-2015-7499 (2) Detect incoherency on GROW (Daniel Veillard).\n\nCVE-2015-7500 Fix memory access error due to incorrect entities\nboundaries (Daniel Veillard).\n\nCVE-2015-7941 (1) Stop parsing on entities boundaries errors (Daniel\nVeillard).\n\nCVE-2015-7941 (2) Cleanup conditional section error handling (Daniel\nVeillard).\n\nCVE-2015-7942 Another variation of overflow in Conditional sections\n(Daniel Veillard).\n\nCVE-2015-7942 (2) Fix an error in previous Conditional section patch\n(Daniel Veillard).\n\nCVE-2015-8035 Fix XZ compression support loop (Daniel Veillard).\n\nCVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh\nDavenport)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://xmlsoft.org/news.html\"\n );\n # http://www.openwall.com/lists/oss-security/2015/11/18/23\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2015/11/18/23\"\n );\n # https://vuxml.freebsd.org/freebsd/e5423caf-8fb8-11e5-918c-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bf2b1197\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxml2<2.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-03-27T14:52:53", "description": "Very large set of security issues for libxml2 and a bunch of bug fixes too#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312 #CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941 #CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-C24AF963A2.NASL", "href": "https://www.tenable.com/plugins/nessus/89394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c24af963a2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89394);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"FEDORA\", value:\"2015-c24af963a2\");\n\n script_name(english:\"Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Very large set of security issues for libxml2 and a bunch of bug fixes\ntoo#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312\n#CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941\n#CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1211278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?add3c570\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"libxml2-2.9.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T14:51:15", "description": "Very large set of security issues for libxml2 and a bunch of bug fixes too#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312 #CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941 #CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-037F844D3E.NASL", "href": "https://www.tenable.com/plugins/nessus/89130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-037f844d3e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89130);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"FEDORA\", value:\"2015-037f844d3e\");\n\n script_name(english:\"Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Very large set of security issues for libxml2 and a bunch of bug fixes\ntoo#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312\n#CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941\n#CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1211278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8ecd72e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"libxml2-2.9.3-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T20:24:52", "description": "According to its banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists in the Apache HTTP Server due to the lack of the mod_reqtimeout module. An unauthenticated, remote attacker can exploit this, via a saturation of partial HTTP requests, to cause a daemon outage. (CVE-2007-6750)\n\n - A cross-site scripting (XSS) vulnerability exists in jQuery when using location.hash to select elements. An unauthenticated, remote attacker can exploit this, via a specially crafted tag, to inject arbitrary script code or HTML into the user's browser session.\n (CVE-2011-4969)\n\n - A NULL pointer dereference flaw exists in file rsa_ameth.c due to improper handling of ASN.1 signatures that are missing the PSS parameter. A remote attacker can exploit this to cause the signature verification routine to crash, resulting in a denial of service condition. (CVE-2015-3194)\n\n - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195)\n\n - An out-of-bounds read error exists in cURL and libcurl within the smb_request_state() function due to improper bounds checking. An unauthenticated, remote attacker can exploit this, using a malicious SMB server and crafted length and offset values, to disclose sensitive memory information or to cause a denial of service condition. (CVE-2015-3237)\n\n - A flaw exists in libxslt in the xsltStylePreCompute() function within file preproc.c due to a failure to check if the parent node is an element. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, to cause a denial of service condition. (CVE-2015-7995)\n\n - An infinite loop condition exists in the xz_decomp() function within file xzlib.c when handling xz compressed XML content due to a failure to detect compression errors. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition. (CVE-2015-8035)\n\n - A double-free error exists due to improper validation of user-supplied input when parsing malformed DSA private keys. A remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2016-0705)\n\n - An out-of-bounds read error exists in the fmtstr() function within file crypto/bio/b_print.c when printing very long strings due to a failure to properly calculate string lengths. An unauthenticated, remote attacker can exploit this, via a long string, to cause a denial of service condition, as demonstrated by a large amount of ASN.1 data. (CVE-2016-0799)\n\n - An unspecified flaw exists that allows a local attacker to impact the confidentiality and integrity of the system. No other details are available. (CVE-2016-2015)\n\n - A flaw exists in the doapr_outch() function within file crypto/bio/b_print.c due to a failure to verify that a certain memory allocation succeeds. An unauthenticated, remote attacker can exploit this, via a long string, to cause a denial of service condition, as demonstrated by a large amount of ASN.1 data. (CVE-2016-2842)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-05-18T00:00:00", "type": "nessus", "title": "HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6750", "CVE-2011-4969", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3237", "CVE-2015-7995", "CVE-2015-8035", "CVE-2016-0705", "CVE-2016-0799", "CVE-2016-2015", "CVE-2016-2842"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:hp:system_management_homepage"], "id": "HPSMH_7_5_5.NASL", "href": "https://www.tenable.com/plugins/nessus/91222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91222);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-6750\",\n \"CVE-2011-4969\",\n \"CVE-2015-3194\",\n \"CVE-2015-3195\",\n \"CVE-2015-3237\",\n \"CVE-2015-7995\",\n \"CVE-2015-8035\",\n \"CVE-2016-0705\",\n \"CVE-2016-0799\",\n \"CVE-2016-2015\",\n \"CVE-2016-2842\"\n );\n script_bugtraq_id(\n 21865,\n 58458,\n 75387,\n 77325,\n 77390,\n 78623,\n 78626\n );\n script_xref(name:\"HP\", value:\"emr_na-c05111017\");\n script_xref(name:\"HP\", value:\"HPSBMU03593\");\n\n script_name(english:\"HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of HP System Management Homepage\n(SMH) hosted on the remote web server is affected by the following\nvulnerabilities :\n\n - A denial of service vulnerability exists in the Apache\n HTTP Server due to the lack of the mod_reqtimeout\n module. An unauthenticated, remote attacker can exploit\n this, via a saturation of partial HTTP requests, to\n cause a daemon outage. (CVE-2007-6750)\n\n - A cross-site scripting (XSS) vulnerability exists in\n jQuery when using location.hash to select elements. An\n unauthenticated, remote attacker can exploit this, via\n a specially crafted tag, to inject arbitrary script\n code or HTML into the user's browser session.\n (CVE-2011-4969)\n\n - A NULL pointer dereference flaw exists in file\n rsa_ameth.c due to improper handling of ASN.1 signatures\n that are missing the PSS parameter. A remote attacker\n can exploit this to cause the signature verification\n routine to crash, resulting in a denial of service\n condition. (CVE-2015-3194)\n\n - A flaw exists in the ASN1_TFLG_COMBINE implementation in\n file tasn_dec.c related to handling malformed\n X509_ATTRIBUTE structures. A remote attacker can exploit\n this to cause a memory leak by triggering a decoding\n failure in a PKCS#7 or CMS application, resulting in a\n denial of service. (CVE-2015-3195)\n\n - An out-of-bounds read error exists in cURL and libcurl\n within the smb_request_state() function due to improper\n bounds checking. An unauthenticated, remote attacker\n can exploit this, using a malicious SMB server and\n crafted length and offset values, to disclose sensitive\n memory information or to cause a denial of service\n condition. (CVE-2015-3237)\n\n - A flaw exists in libxslt in the xsltStylePreCompute()\n function within file preproc.c due to a failure to check\n if the parent node is an element. An unauthenticated,\n remote attacker can exploit this, via a specially\n crafted XML file, to cause a denial of service\n condition. (CVE-2015-7995)\n\n - An infinite loop condition exists in the xz_decomp()\n function within file xzlib.c when handling xz compressed\n XML content due to a failure to detect compression\n errors. An unauthenticated, remote attacker can exploit\n this, via specially crafted XML data, to cause a denial\n of service condition. (CVE-2015-8035)\n\n - A double-free error exists due to improper validation of\n user-supplied input when parsing malformed DSA private\n keys. A remote attacker can exploit this to corrupt\n memory, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2016-0705)\n\n - An out-of-bounds read error exists in the fmtstr()\n function within file crypto/bio/b_print.c when printing\n very long strings due to a failure to properly calculate\n string lengths. An unauthenticated, remote attacker can\n exploit this, via a long string, to cause a denial of\n service condition, as demonstrated by a large amount of\n ASN.1 data. (CVE-2016-0799)\n\n - An unspecified flaw exists that allows a local attacker\n to impact the confidentiality and integrity of the\n system. No other details are available. (CVE-2016-2015)\n\n - A flaw exists in the doapr_outch() function within file\n crypto/bio/b_print.c due to a failure to verify that a\n certain memory allocation succeeds. An unauthenticated,\n remote attacker can exploit this, via a long string,\n to cause a denial of service condition, as demonstrated\n by a large amount of ASN.1 data. (CVE-2016-2842)\");\n # https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05111017\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d21af70\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to HP System Management Homepage version 7.5.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2842\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\", \"os_fingerprint.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n# Only Linux and Windows are affected -- HP-UX is not mentioned\nif (report_paranoia < 2)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Windows\" >!< os && \"Linux\" >!< os) audit(AUDIT_OS_NOT, \"Windows or Linux\", os);\n}\n\nport = get_http_port(default:2381, embedded:TRUE);\ninstall = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\ndir = install['dir'];\nversion = install['ver'];\nprod = get_kb_item_or_exit(\"www/\"+port+\"/hp_smh/variant\");\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_APP_VER, prod, build_url(port:port, qs:dir+\"/\") );\n\n# nb: 'version' can have non-numeric characters in it so we'll create\n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!ereg(pattern:\"^[0-9][0-9.]+$\", string:version_alt))\n audit(AUDIT_VER_FORMAT, version);\n\nif (\n ver_compare(ver:version_alt, fix:\"7.5.5\", strict:FALSE) == -1\n )\n{\n source_line = get_kb_item(\"www/\"+port+\"/hp_smh/source\");\n report = '\\n Product : ' + prod;\n if (!isnull(source_line))\n report += '\\n Version source : ' + source_line;\n\n report_items = make_array(\n \"Installed version\", version,\n \"Fixed version\", \"7.5.5\"\n );\n order = make_list(\"Installed version\", \"Fixed version\");\n report += report_items_str(report_items:report_items, ordered_fields:order);\n security_report_v4(severity:SECURITY_HOLE, port:port, extra:report, xss:TRUE);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:43:22", "description": "- security update: This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110] This update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": null, "vector": null}, "published": "2016-01-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2016-32)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-32.NASL", "href": "https://www.tenable.com/plugins/nessus/88122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-32.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88122);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2016-32)\");\n script_summary(english:\"Check for the openSUSE-2016-32 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update: This update fixes the following\n security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml\n input by stopping parsing on entities boundaries errors\n [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in\n Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when\n EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is\n broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue\n [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding\n conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser /\n Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to\n denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML\n document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries [bnc#957110] This update was\n imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-debugsource-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-devel-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debugsource-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.1-10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:43:39", "description": "- security update: This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-01-12T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-debugsource", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2", "p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0049-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0049-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87865);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_bugtraq_id(75570);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update: This update fixes the following\n security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml\n input by stopping parsing on entities boundaries errors\n [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in\n Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when\n EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is\n broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue\n [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding\n conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser /\n Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to\n denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML\n document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-1819/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5312/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7497/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7498/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7499/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7500/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7941/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8035/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8241/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8242/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8317/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4cc8f2f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-38=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-38=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-38=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:43:35", "description": "Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "Debian DSA-3430-1 : libxml2 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3430.NASL", "href": "https://www.tenable.com/plugins/nessus/87608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3430. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87608);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"DSA\", value:\"3430\");\n\n script_name(english:\"Debian DSA-3430-1 : libxml2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in libxml2, a library\nproviding support to read, modify and write XML and HTML files. A\nremote attacker could provide a specially crafted XML or HTML file\nthat, when processed by an application using libxml2, would cause that\napplication to use an excessive amount of CPU, leak potentially\nsensitive information, or crash the application.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3430\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxml2 packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2.9.1+dfsg1-5+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxml2\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dev\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-doc\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dev\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-doc\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:43:35", "description": "- update to 2.9.3\n\n - full changelog: http://www.xmlsoft.org/news.html\n\n - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-8035, CVE-2015-7942, CVE-2015-1819, CVE-2015-7941, CVE-2014-3660, CVE-2014-0191, CVE-2015-8241, CVE-2015-8317\n\n - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735], [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260], [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109], [bsc#957110]", "cvss3": {"score": null, "vector": null}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2015-959)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0191", "CVE-2014-3660", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-959.NASL", "href": "https://www.tenable.com/plugins/nessus/87631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-959.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87631);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0191\", \"CVE-2014-3660\", \"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2015-959)\");\n script_summary(english:\"Check for the openSUSE-2015-959 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update to 2.9.3\n\n - full changelog: http://www.xmlsoft.org/news.html\n\n - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499,\n CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\n CVE-2015-8035, CVE-2015-7942, CVE-2015-1819,\n CVE-2015-7941, CVE-2014-3660, CVE-2014-0191,\n CVE-2015-8241, CVE-2015-8317\n\n - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735],\n [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260],\n [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109],\n [bsc#957110]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.xmlsoft.org/news.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-2-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-2-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-debugsource-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-devel-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-tools-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-tools-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-debugsource-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-debugsource-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-devel-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debugsource-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.3-7.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:38:28", "description": "The remote host is affected by the vulnerability described in GLSA-201701-37 (libxml2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user or automated system to process a specially crafted XML document, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-17T00:00:00", "type": "nessus", "title": "GLSA-201701-37 : libxml2: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8806", "CVE-2016-1836", "CVE-2016-1838", "CVE-2016-1839", "CVE-2016-1840", "CVE-2016-2073", "CVE-2016-3627", "CVE-2016-3705", "CVE-2016-4483", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libxml2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201701-37.NASL", "href": "https://www.tenable.com/plugins/nessus/96541", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-37.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96541);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8242\", \"CVE-2015-8806\", \"CVE-2016-1836\", \"CVE-2016-1838\", \"CVE-2016-1839\", \"CVE-2016-1840\", \"CVE-2016-2073\", \"CVE-2016-3627\", \"CVE-2016-3705\", \"CVE-2016-4483\", \"CVE-2016-4658\", \"CVE-2016-5131\");\n script_xref(name:\"GLSA\", value:\"201701-37\");\n\n script_name(english:\"GLSA-201701-37 : libxml2: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-37\n(libxml2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libxml2. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user or automated system to process a\n specially crafted XML document, possibly resulting in execution of\n arbitrary code with the privileges of the process or a Denial of Service\n condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-37\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libxml2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libxml2-2.9.4-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libxml2\", unaffected:make_list(\"ge 2.9.4-r1\"), vulnerable:make_list(\"lt 2.9.4-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-11T14:53:36", "description": "The remote host is running a version of Mac OS X that is 10.9.5 or 10.10.5 and is missing Security Update 2016-002. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - Kernel\n - libxml2\n - OpenSSH\n - Python\n - Tcl\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-22T00:00:00", "type": "nessus", "title": "Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9495", "CVE-2015-0973", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-5333", "CVE-2015-5334", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8242", "CVE-2015-8472", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1759", "CVE-2016-1761", "CVE-2016-1762"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2016-002.NASL", "href": "https://www.tenable.com/plugins/nessus/90097", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90097);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2014-9495\",\n \"CVE-2015-0973\",\n \"CVE-2015-1819\",\n \"CVE-2015-5312\",\n \"CVE-2015-5333\",\n \"CVE-2015-5334\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8126\",\n \"CVE-2015-8242\",\n \"CVE-2015-8472\",\n \"CVE-2016-0777\",\n \"CVE-2016-0778\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1759\",\n \"CVE-2016-1761\",\n \"CVE-2016-1762\"\n );\n script_bugtraq_id(\n 71820,\n 71994,\n 75570,\n 77112,\n 77390,\n 77568,\n 77681,\n 78624,\n 79507,\n 79509,\n 79536,\n 79562,\n 80695,\n 80698\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-5\");\n\n script_name(english:\"Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)\");\n script_summary(english:\"Checks for the presence of Security Update 2016-002.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.9.5 or\n10.10.5 and is missing Security Update 2016-002. It is, therefore,\naffected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - Kernel\n - libxml2\n - OpenSSH\n - Python\n - Tcl\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206167\");\n # http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c87f79a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2016-002 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\npatch = \"2016-002\";\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nif (!get_kb_item(\"Host/local_checks_enabled\"))\n audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10)\\.5([^0-9]|$)\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.9.5 or Mac OS X 10.10.5\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\..*bom$\", string:packages);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = eregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T20:21:13", "description": "According to its banner, the remote Apple TV device is a version prior to 9.2. It is, therefore, affected by the following vulnerabilities :\n\n - An XML external entity (XXE) expansion flaw exists in libxml2 due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service through resource exhaustion.\n (CVE-2015-1819)\n\n - An XML external entity (XXE) injection flaw exists in libxml2 in file parser.c due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service or to disclose sensitive information. (CVE-2015-5312)\n\n - A heap buffer overflow condition exists in libxml2 in the xmlGROW() function within file parser.c while handling XML data. An unauthenticated, remote attacker can exploit this to disclose sensitive information.\n (CVE-2015-7499)\n\n - An out-of-bounds heap read error exists in libxml2 in the xmlParseMisc() function within file parser.c while handling entity boundaries. An unauthenticated, remote attacker can exploit this to cause a denial of service.\n (CVE-2015-7500)\n\n - An out-of-bounds read error exists in libxml2 in the xmlParseConditionalSections() function within file parser.c due to a failure to properly skip intermediary entities when it stops parsing invalid input. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service.\n (CVE-2015-7942)\n\n - A flaw exists in libxml2 in the xz_decomp() function within file xzlib.c due to a failure to properly detect compression errors when handling compressed XML content.\n An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause an infinite loop, resulting in a denial of service.\n (CVE-2015-8035)\n\n - A out-of-bounds read error exists in libxml2 in the xmlSAX2TextNode() function within file SAX2.c due to improper sanitization of input data. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service or to disclose sensitive information. (CVE-2015-8242)\n\n - A use-after-free error exists in Nghttp2 within file lib/nghttp2_session.c when handling idle streams. An unauthenticated, remote attacker can exploit this to deference already freed memory, allowing the execution of arbitrary code. (CVE-2015-8659)\n\n - An overflow condition exists in the Broadcom Wi-Fi driver due to improper validation of data while handling SSID or WPS_ID_DEVICE_NAME values. An unauthenticated, adjacent attacker can exploit this, via a crafted wireless control message packet, to cause a denial of service or to execute arbitrary code. (CVE-2016-0801)\n\n - An overflow condition exists in the Broadcom Wi-Fi driver due to improper validation of user-supplied input when handling the packet length of event messages.\n An unauthenticated, adjacent attacker can exploit this, via a crafted wireless control message packet, to cause a denial of service or to execute arbitrary code.\n (CVE-2016-0802)\n\n - A flaw exists in FontParser due to improper validation of user-supplied input when handling encoded fonts that contain invalid characters. An unauthenticated, remote attacker can exploit this, via a crafted PDF document, to corrupt memory, resulting in a denial of service or the execution arbitrary code. (CVE-2016-1740)\n\n - A flaw exists in IOHIDFamily due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted application, to gain access to kernel memory layout information.\n (CVE-2016-1748)\n\n - A use-after-free error exists in the kernel that allows an unauthenticated, remote attacker to execute arbitrary code via a crafted application. (CVE-2016-1750)\n\n - A flaw exists in the kernel due to a failure to properly restrict execution permissions. An unauthenticated, remote attacker can exploit this, via a crafted application, to bypass code-signing protection mechanisms. (CVE-2016-1751)\n\n - An unspecified flaw exists in the kernel that allows a local attacker to cause a denial of service via a crafted application. (CVE-2016-1752)\n\n - An integer overflow condition exists in the kernel due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted application, to gain elevated privileges.\n (CVE-2016-1753)\n\n - A memory corruption issue exists in the kernel due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to install a malicious application, to cause a denial of service or execute arbitrary code.\n CVE-2016-1754)\n\n - A use-after-free error exists in the AppleKeyStore user client when handling multiple threads, which is triggered when one thread closes the user client while another attempts to call an external method. An unauthenticated, remote attacker can exploit this, by convincing a user to install a malicious application, to execute arbitrary code with elevated privileges.\n (CVE-2016-1755)\n\n - A flaw exists in libxml2 due to improper validation of user-supplied input while handling XML content. An unauthenticated, remote attacker can exploit this, via a crafted XML document, to cause a denial of service or to execute arbitrary code. (CVE-2016-1762)\n\n - An out-of-bounds write error exists in TrueTypeScaler due to improper validation of user-supplied input while handling bdat tables in TTF fonts. An unauthenticated, remote attacker can exploit this, via a crafted TTF font, to cause a denial or service or to execute arbitrary code. (CVE-2016-1775)\n\n - A flaw exists in WebKit due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted website, to cause a denial of service or execute arbitrary code.\n (CVE-2016-1783)\n\n - An unspecified flaw exists in the History implementation of WebKit that allows an unauthenticated, remote attacker to cause a denial of service via a crafted website. (CVE-2016-1784)\n\n - A heap buffer overflow condition exists in Mozilla Network Security Services due to improper validation of user-supplied input while parsing ASN.1 structures. An unauthenticated, remote attacker can exploit this, via crafted ASN.1 data in an X.509 certificate, to cause a denial of service or execute arbitrary code.\n (CVE-2016-1950)\n\nNote that only 4th generation models are affected by these vulnerabilities, and this plugin only checks these models.", "cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "Apple TV < 9.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1762", "CVE-2016-1775", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1950"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_9_2.NASL", "href": "https://www.tenable.com/plugins/nessus/90309", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90309);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2015-1819\",\n \"CVE-2015-5312\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8242\",\n \"CVE-2015-8659\",\n \"CVE-2016-0801\",\n \"CVE-2016-0802\",\n \"CVE-2016-1740\",\n \"CVE-2016-1748\",\n \"CVE-2016-1750\",\n \"CVE-2016-1751\",\n \"CVE-2016-1752\",\n \"CVE-2016-1753\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1762\",\n \"CVE-2016-1775\",\n \"CVE-2016-1783\",\n \"CVE-2016-1784\",\n \"CVE-2016-1950\"\n );\n script_bugtraq_id(\n 75570,\n 77390,\n 77681,\n 79507,\n 79509,\n 79536,\n 79562,\n 80438\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-3\");\n\n script_name(english:\"Apple TV < 9.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote Apple TV device is a version prior\nto 9.2. It is, therefore, affected by the following vulnerabilities :\n\n - An XML external entity (XXE) expansion flaw exists in\n libxml2 due to the XML parser accepting entities from\n untrusted sources. An unauthenticated, remote attacker\n can exploit this, via crafted XML data, to cause a\n denial of service through resource exhaustion.\n (CVE-2015-1819)\n\n - An XML external entity (XXE) injection flaw exists in\n libxml2 in file parser.c due to the XML parser accepting\n entities from untrusted sources. An unauthenticated,\n remote attacker can exploit this, via crafted XML data,\n to cause a denial of service or to disclose sensitive\n information. (CVE-2015-5312)\n\n - A heap buffer overflow condition exists in libxml2 in\n the xmlGROW() function within file parser.c while\n handling XML data. An unauthenticated, remote attacker\n can exploit this to disclose sensitive information.\n (CVE-2015-7499)\n\n - An out-of-bounds heap read error exists in libxml2 in\n the xmlParseMisc() function within file parser.c while\n handling entity boundaries. An unauthenticated, remote\n attacker can exploit this to cause a denial of service.\n (CVE-2015-7500)\n\n - An out-of-bounds read error exists in libxml2 in the\n xmlParseConditionalSections() function within file\n parser.c due to a failure to properly skip intermediary\n entities when it stops parsing invalid input. An\n unauthenticated, remote attacker can exploit this, via\n crafted XML data, to cause a denial of service.\n (CVE-2015-7942)\n\n - A flaw exists in libxml2 in the xz_decomp() function\n within file xzlib.c due to a failure to properly detect\n compression errors when handling compressed XML content.\n An unauthenticated, remote attacker can exploit this,\n via crafted XML data, to cause an infinite loop,\n resulting in a denial of service.\n (CVE-2015-8035)\n\n - A out-of-bounds read error exists in libxml2 in the\n xmlSAX2TextNode() function within file SAX2.c due to\n improper sanitization of input data. An unauthenticated,\n remote attacker can exploit this, via crafted XML data,\n to cause a denial of service or to disclose sensitive\n information. (CVE-2015-8242)\n\n - A use-after-free error exists in Nghttp2 within file\n lib/nghttp2_session.c when handling idle streams. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, allowing the execution\n of arbitrary code. (CVE-2015-8659)\n\n - An overflow condition exists in the Broadcom Wi-Fi\n driver due to improper validation of data while handling\n SSID or WPS_ID_DEVICE_NAME values. An unauthenticated,\n adjacent attacker can exploit this, via a crafted\n wireless control message packet, to cause a denial of\n service or to execute arbitrary code. (CVE-2016-0801)\n\n - An overflow condition exists in the Broadcom Wi-Fi\n driver due to improper validation of user-supplied\n input when handling the packet length of event messages.\n An unauthenticated, adjacent attacker can exploit this,\n via a crafted wireless control message packet, to cause\n a denial of service or to execute arbitrary code.\n (CVE-2016-0802)\n\n - A flaw exists in FontParser due to improper validation\n of user-supplied input when handling encoded fonts that\n contain invalid characters. An unauthenticated, remote\n attacker can exploit this, via a crafted PDF document,\n to corrupt memory, resulting in a denial of service or\n the execution arbitrary code. (CVE-2016-1740)\n\n - A flaw exists in IOHIDFamily due to improper validation\n of user-supplied input. An unauthenticated, remote\n attacker can exploit this, via a crafted application,\n to gain access to kernel memory layout information.\n (CVE-2016-1748)\n\n - A use-after-free error exists in the kernel that allows\n an unauthenticated, remote attacker to execute arbitrary\n code via a crafted application. (CVE-2016-1750)\n\n - A flaw exists in the kernel due to a failure to properly\n restrict execution permissions. An unauthenticated,\n remote attacker can exploit this, via a crafted\n application, to bypass code-signing protection\n mechanisms. (CVE-2016-1751)\n\n - An unspecified flaw exists in the kernel that allows a\n local attacker to cause a denial of service via a\n crafted application. (CVE-2016-1752)\n\n - An integer overflow condition exists in the kernel due\n to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this, via\n a crafted application, to gain elevated privileges.\n (CVE-2016-1753)\n\n - A memory corruption issue exists in the kernel due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to install a malicious application,\n to cause a denial of service or execute arbitrary code.\n CVE-2016-1754)\n\n - A use-after-free error exists in the AppleKeyStore user\n client when handling multiple threads, which is\n triggered when one thread closes the user client while\n another attempts to call an external method. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to install a malicious application, to\n execute arbitrary code with elevated privileges.\n (CVE-2016-1755)\n\n - A flaw exists in libxml2 due to improper validation of\n user-supplied input while handling XML content. An\n unauthenticated, remote attacker can exploit this, via a\n crafted XML document, to cause a denial of service or to\n execute arbitrary code. (CVE-2016-1762)\n\n - An out-of-bounds write error exists in TrueTypeScaler\n due to improper validation of user-supplied input while\n handling bdat tables in TTF fonts. An unauthenticated,\n remote attacker can exploit this, via a crafted TTF\n font, to cause a denial or service or to execute\n arbitrary code. (CVE-2016-1775)\n\n - A flaw exists in WebKit due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this, via a crafted website, to cause a\n denial of service or execute arbitrary code.\n (CVE-2016-1783)\n\n - An unspecified flaw exists in the History implementation\n of WebKit that allows an unauthenticated, remote\n attacker to cause a denial of service via a crafted\n website. (CVE-2016-1784)\n\n - A heap buffer overflow condition exists in Mozilla\n Network Security Services due to improper validation of\n user-supplied input while parsing ASN.1 structures. An\n unauthenticated, remote attacker can exploit this, via\n crafted ASN.1 data in an X.509 certificate, to cause a\n denial of service or execute arbitrary code.\n (CVE-2016-1950)\n\nNote that only 4th generation models are affected by these\nvulnerabilities, and this plugin only checks these models.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206169\");\n # http://prod.lists.apple.com/archives/security-announce/2016/Mar/msg00002.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c691f32\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 9.2 or later. Note that this update is\navailable only for 4th generation models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8659\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"appletv_func.inc\");\ninclude(\"audit.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\n# fix\nfixed_build = \"13Y234\";\ntvos_ver = \"9.2\"; # for reporting purposes only\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : 4,\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n severity : SECURITY_HOLE,\n port : port,\n url : url\n);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:36", "description": "Versions of Apple TV earlier than 9.2 are unpatched for vulnerabilities in the following components :\n\n - FontParser (CVE-2016-1740)\n - HTTPProtocol (CVE-2015-8659)\n - IOHIDFamily (CVE-2016-1748)\n - Kernel (CVE-2016-1750)\n - Kernel (CVE-2016-1753)\n - Kernel (CVE-2016-1751)\n - Kernel (CVE-2016-1754, CVE-2016-1755)\n - Kernel (CVE-2016-1752)\n - libxml2 (CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2016-1762)\n - Security (CVE-2016-1950)\n - TrueTypeScaler (CVE-2016-1775)\n - WebKit (CVE-2016-1783)\n - WebKit History (CVE-2016-1784)\n - Wi-Fi (CVE-2016-0801, CVE-2016-0802)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-05-27T00:00:00", "type": "nessus", "title": "Apple TV < 9.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2016-1950", "CVE-2016-1762", "CVE-2016-0801", "CVE-2016-1740", "CVE-2015-8659", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1753", "CVE-2016-1752", "CVE-2016-1775", "CVE-2016-0802", "CVE-2016-1751", "CVE-2016-1783", "CVE-2016-1784"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*"], "id": "9336.PRM", "href": "https://www.tenable.com/plugins/nnm/9336", "sourceData": "Binary data 9336.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:35", "description": "The remote host is running a version of iOS that is prior to version 9.3 and the following components contain vulnerabilities :\n\n - AppleUSBNetworking\n - FontParser\n - HTTPProtocol\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libxml2\n - Messages\n - Profiles\n - Security\n - TrueTypeScaler\n - WebKit\n - Wi-Fi", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-05-26T00:00:00", "type": "nessus", "title": "Apple iOS < 9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1757", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2016-1950", "CVE-2016-1762", "CVE-2016-0801", "CVE-2016-1734", "CVE-2016-1740", "CVE-2015-8659", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1756", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1758", "CVE-2016-1753", "CVE-2016-1752", "CVE-2016-1761", "CVE-2016-1788", "CVE-2016-1775", "CVE-2016-0802", "CVE-2016-1751", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1781", "CVE-2016-1778", "CVE-2016-1782", "CVE-2016-1779", "CVE-2016-1785", "CVE-2016-1786", "CVE-2016-1760", "CVE-2016-1763", "CVE-2016-1766", "CVE-2016-1780"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "9331.PRM", "href": "https://www.tenable.com/plugins/nnm/9331", "sourceData": "Binary data 9331.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-16T15:57:21", "description": "The mobile device is running a version of iOS prior to version 9.3. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - AppleUSBNetworking\n - FontParser\n - HTTPProtocol\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libxml2\n - Messages\n - Profiles\n - Security\n - TrueTypeScaler\n - WebKit\n - Wi-Fi", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-23T00:00:00", "type": "nessus", "title": "Apple iOS < 9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1734", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1760", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1763", "CVE-2016-1766", "CVE-2016-1775", "CVE-2016-1778", "CVE-2016-1779", "CVE-2016-1780", "CVE-2016-1781", "CVE-2016-1782", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1785", "CVE-2016-1786", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2022-08-15T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_93_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/90118", "sourceData": "Binary data apple_ios_93_check.nbin", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:35", "description": "The remote host is running a version of Mac OS X version 10.11.x prior to 10.11.4 and is affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-05-27T00:00:00", "type": "nessus", "title": "Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1757", "CVE-2014-9495", "CVE-2015-0973", "CVE-2015-3195", "CVE-2015-8126", "CVE-2015-8472", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2016-1950", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-1762", "CVE-2015-7551", "CVE-2016-0801", "CVE-2016-1733", "CVE-2016-1732", "CVE-2016-1734", "CVE-2016-1735", "CVE-2016-1736", "CVE-2016-1737", "CVE-2016-1738", "CVE-2016-1740", "CVE-2015-8659", "CVE-2016-1743", "CVE-2016-1744", "CVE-2016-1745", "CVE-2016-1746", "CVE-2016-1747", "CVE-2016-1748", "CVE-2016-1749", "CVE-2016-1750", "CVE-2016-1756", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1759", "CVE-2016-1758", "CVE-2016-1753", "CVE-2016-1752", "CVE-2016-1761", "CVE-2016-1764", "CVE-2016-1788", "CVE-2016-1741", "CVE-2016-1767", "CVE-2016-1768", "CVE-2016-1769", "CVE-2016-1770", "CVE-2016-1773", "CVE-2016-1775", "CVE-2016-0802"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "9327.PRM", "href": "https://www.tenable.com/plugins/nnm/9327", "sourceData": "Binary data 9327.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-08T14:49:57", "description": "The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-22T00:00:00", "type": "nessus", "title": "Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9495", "CVE-2015-0973", "CVE-2015-1819", "CVE-2015-3195", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7551", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8242", "CVE-2015-8472", "CVE-2015-8659", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1732", "CVE-2016-1733", "CVE-2016-1734", "CVE-2016-1735", "CVE-2016-1736", "CVE-2016-1737", "CVE-2016-1738", "CVE-2016-1740", "CVE-2016-1741", "CVE-2016-1743", "CVE-2016-1744", "CVE-2016-1745", "CVE-2016-1746", "CVE-2016-1747", "CVE-2016-1748", "CVE-2016-1749", "CVE-2016-1750", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1759", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1764", "CVE-2016-1767", "CVE-2016-1768", "CVE-2016-1769", "CVE-2016-1770", "CVE-2016-1773", "CVE-2016-1775", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_11_4.NASL", "href": "https://www.tenable.com/plugins/nessus/90096", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90096);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2014-9495\",\n \"CVE-2015-0973\",\n \"CVE-2015-1819\",\n \"CVE-2015-3195\",\n \"CVE-2015-5312\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7551\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8126\",\n \"CVE-2015-8242\",\n \"CVE-2015-8472\",\n \"CVE-2015-8659\",\n \"CVE-2016-0777\",\n \"CVE-2016-0778\",\n \"CVE-2016-0801\",\n \"CVE-2016-0802\",\n \"CVE-2016-1732\",\n \"CVE-2016-1733\",\n \"CVE-2016-1734\",\n \"CVE-2016-1735\",\n \"CVE-2016-1736\",\n \"CVE-2016-1737\",\n \"CVE-2016-1738\",\n \"CVE-2016-1740\",\n \"CVE-2016-1741\",\n \"CVE-2016-1743\",\n \"CVE-2016-1744\",\n \"CVE-2016-1745\",\n \"CVE-2016-1746\",\n \"CVE-2016-1747\",\n \"CVE-2016-1748\",\n \"CVE-2016-1749\",\n \"CVE-2016-1750\",\n \"CVE-2016-1752\",\n \"CVE-2016-1753\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1756\",\n \"CVE-2016-1757\",\n \"CVE-2016-1758\",\n \"CVE-2016-1759\",\n \"CVE-2016-1761\",\n \"CVE-2016-1762\",\n \"CVE-2016-1764\",\n \"CVE-2016-1767\",\n \"CVE-2016-1768\",\n \"CVE-2016-1769\",\n \"CVE-2016-1770\",\n \"CVE-2016-1773\",\n \"CVE-2016-1775\",\n \"CVE-2016-1788\",\n \"CVE-2016-1950\"\n );\n script_bugtraq_id(\n 71820,\n 71994,\n 75570,\n 77390,\n 77568,\n 77681,\n 78624,\n 78626,\n 79507,\n 79509,\n 79536,\n 79562,\n 80438,\n 80695,\n 80698\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-5\");\n\n script_name(english:\"Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.11.x prior\nto 10.11.4. It is, therefore, affected by multiple vulnerabilities in\nthe following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206167\");\n # http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c87f79a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X version 10.11.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1761\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70)\n exit(1, \"Cannot determine the host's OS with sufficient confidence.\");\n}\nif (!os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\n\nif (\n version !~ \"^10\\.11([^0-9]|$)\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.11 or later\", \"Mac OS X \"+version);\n\nfix = \"10.11.4\";\nif (ver_compare(ver:version, fix:fix, strict:FALSE) == -1)\n{\n items = make_array(\"Installed version\", version,\n \"Fixed version\", fix\n );\n order = make_list(\"Installed version\", \"Fixed version\");\n report = report_items_str(report_items:items, ordered_fields:order);\n\n security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n exit(0);\n\n }\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"Mac OS X\", version);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:03", "description": "Arch Linux Security Advisory ASA-201810-4\n=========================================\n\nSeverity: Medium\nDate : 2018-10-01\nCVE-ID : CVE-2018-9251\nPackage : lib32-libxml2\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-673\n\nSummary\n=======\n\nThe package lib32-libxml2 before version 2.9.8-4 is vulnerable to\ndenial of service.\n\nResolution\n==========\n\nUpgrade to 2.9.8-4.\n\n# pacman -Syu \"lib32-libxml2>=2.9.8-4\"\n\nThe problem has been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA security issue has been found in libxml2 <= 2.9.8 compiled with LZMA\nsupport enabled, in the xz_decomp function in xzlib.c. This flaw allows\na remote attacker to cause a denial of service via an infinite loop,\nusing a crafted XML payload that triggers LZMA_MEMLIMIT_ERROR.\n\nImpact\n======\n\nA remote attacker is able to cause a denial of service by parsing a\nspecially crafted XML payload.\n\nReferences\n==========\n\nhttps://bugzilla.gnome.org/show_bug.cgi?id=794914\nhttps://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74\nhttps://security.archlinux.org/CVE-2018-9251", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-01T00:00:00", "type": "archlinux", "title": "[ASA-201810-4] lib32-libxml2: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9251"], "modified": "2018-10-01T00:00:00", "id": "ASA-201810-4", "href": "https://security.archlinux.org/ASA-201810-4", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:34:03", "description": "Arch Linux Security Advisory ASA-201810-3\n=========================================\n\nSeverity: Medium\nDate : 2018-10-01\nCVE-ID : CVE-2018-9251\nPackage : libxml2\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-672\n\nSummary\n=======\n\nThe package libxml2 before version 2.9.8-5 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 2.9.8-5.\n\n# pacman -Syu \"libxml2>=2.9.8-5\"\n\nThe problem has been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA security issue has been found in libxml2 <= 2.9.8 compiled with LZMA\nsupport enabled, in the xz_decomp function in xzlib.c. This flaw allows\na remote attacker to cause a denial of service via an infinite loop,\nusing a crafted XML payload that triggers LZMA_MEMLIMIT_ERROR.\n\nImpact\n======\n\nA remote attacker is able to cause a denial of service by parsing a\nspecially crafted XML payload.\n\nReferences\n==========\n\nhttps://bugzilla.gnome.org/show_bug.cgi?id=794914\nhttps://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74\nhttps://security.archlinux.org/CVE-2018-9251", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-01T00:00:00", "type": "archlinux", "title": "[ASA-201810-3] libxml2: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9251"], "modified": "2018-10-01T00:00:00", "id": "ASA-201810-3", "href": "https://security.archlinux.org/ASA-201810-3", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2016-09-02T18:44:43", "description": "- CVE-2015-1819 (denial of service)\n\nA denial of service flaw was found in the way the libxml2 library parsed\ncertain XML files. An attacker could provide a specially crafted XML\nfile that, when parsed by an application using libxml2, could cause that\napplication to use an excessive amount of memory.\n\n- CVE-2015-5312 (denial of service)\n\nA denial of service flaw was found that is leading to CPU exhaustion\nwhen processing specially crafted XML input. The issue was within\ndetecting entities expansions in certain situations.\n\n- CVE-2015-7941 (denial of service)\n\nIt has been discovered that libxml2 does not properly stop parsing\ninvalid input, which allows context-dependent attackers to cause a\ndenial of service (out-of-bounds read and libxml2 crash) via crafted XML\ndata to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections\nfunction in parser.c, as demonstrated by non-terminated entities.\n\n- CVE-2015-7942 (denial of service)\n\nThe xmlParseConditionalSections function in parser.c in libxml2 does not\nproperly skip intermediary entities when it stops parsing invalid input,\nwhich allows context-dependent attackers to cause a denial of service\n(out-of-bounds read and crash) via crafted XML data.\n\n- CVE-2015-7497 (buffer overflow)\n\nA heap-based buffer overflow has been discovered in\nxmlDictComputeFastQKey. It was possible to hit a negative offset in the\nname indexing used to randomize the dictionary key generation.\n\n- CVE-2015-7498 (buffer overflow)\n\nA Heap-based buffer overflow was found in xmlParseXmlDecl. When\nconversion failure happens, parser continues to extract more errors\nwhich may lead to unexpected behavior.\n\n- CVE-2015-7499 (buffer overflow)\n\nA heap-based buffer overflow was found in xmlGROW allowing the attacker\nto read the memory out of bounds.\n\n- CVE-2015-7500 (buffer overflow)\n\nA Heap-based buffer overflow has been discovered in xmlParseMisc when\nnot properly handling the case where the parser popped out of the\ncurrent entity while processing a start tag.\n\n- CVE-2015-8035 (denial of service)\n\nA denial of service vulnerability has been discovered when parsing\nspecially crafted XML document while XZ support is enabled. The\nxz_decomp function in xzlib.c did not properly detect compression\nerrors, which allows context-dependent attackers to cause a denial of\nservice (process hang) via crafted XML data.\n\n- CVE-2015-8242 (buffer overflow)\n\nA stack buffer overflow has been discovered in push mode in\nxmlSAX2TextNode. It is possible to have an input cause out of bounds\nmemory to be returned to userspace through the use of libxml2, which\ncould be used to cause denial of service attacks, or gain sensitive\ninformation.", "edition": 2, "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "archlinux", "title": "libxml2: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-7498", "CVE-2015-5312", "CVE-2015-7500", "CVE-2015-8242", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2015-12-09T00:00:00", "id": "ASA-201512-6", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "veracode": [{"lastseen": "2022-07-27T10:58:01", "description": "libxml2 is vulnerable to denial of service (DoS). The vulnerability exists through an infinite loop in xz_decomp function in xzlib.c.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-04-29T02:42:19", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9251"], "modified": "2022-04-19T18:33:31", "id": "VERACODE:25098", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-25098/summary", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:34", "description": "[2.9.7-7.0.1]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2.9.7-7]\n- Fix CVE-2018-14404 (#1595989)\n[2.9.7-6]\n- Fix CVE-2018-9251 (#1565322)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-05-05T00:00:00", "type": "oraclelinux", "title": "libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2020-05-05T00:00:00", "id": "ELSA-2020-1827", "href": "http://linux.oracle.com/errata/ELSA-2020-1827.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:38", "description": "[2.9.1-6.0.1.4]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2.9.1-6.4]\n- Fix CVE-2015-8035 (#1595697)\n- Fix CVE-2018-14404 (#1602817)\n- Fix CVE-2017-15412 (#1729857)\n- Fix CVE-2016-5131 (#1714050)\n- Fix CVE-2017-18258 (#1579211)\n- Fix CVE-2018-1456 (#1622715)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-06T00:00:00", "type": "oraclelinux", "title": "libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-1456", "CVE-2018-14567"], "modified": "2020-04-06T00:00:00", "id": "ELSA-2020-1190", "href": "http://linux.oracle.com/errata/ELSA-2020-1190.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:32:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-07T00:00:00", "type": "openvas", "title": "Fedora Update for libxml2 FEDORA-2018-3b782350ff", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_3b782350ff_libxml2_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libxml2 FEDORA-2018-3b782350ff\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874903\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-07 06:05:24 +0200 (Tue, 07 Aug 2018)\");\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libxml2 FEDORA-2018-3b782350ff\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\npresent on the target host.\");\n script_tag(name:\"affected\", value:\"libxml2 on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-3b782350ff\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G5AFZARX7BUSU24J2MJ4AHX5OE47UXQA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.8~4.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-10T00:00:00", "type": "openvas", "title": "Fedora Update for libxml2 FEDORA-2018-e198cf4a64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e198cf4a64_libxml2_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libxml2 FEDORA-2018-e198cf4a64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874921\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 06:27:09 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libxml2 FEDORA-2018-e198cf4a64\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libxml2 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e198cf4a64\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5AFXFHKUDFZEHTMUDJLFYGVCUAZKGKC7\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.8~4.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T17:39:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3110-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852042", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852042", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852042\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:37:10 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3110-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3110-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00029.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the openSUSE-SU-2018:3110-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libxml2 fixes the following security issues:\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause\n a denial of service (infinite loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted\n XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166)\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\n attack (bsc#1102046)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1150=1\");\n\n script_tag(name:\"affected\", value:\"libxml2 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2\", rpm:\"libxml2-2~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-debuginfo\", rpm:\"libxml2-2-debuginfo~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-debugsource\", rpm:\"libxml2-debugsource~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-tools\", rpm:\"libxml2-tools~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-tools-debuginfo\", rpm:\"libxml2-tools-debuginfo~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libxml2-python-debugsource\", rpm:\"python-libxml2-python-debugsource~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-libxml2-python\", rpm:\"python2-libxml2-python~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-libxml2-python-debuginfo\", rpm:\"python2-libxml2-python-debuginfo~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-libxml2-python\", rpm:\"python3-libxml2-python~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-libxml2-python-debuginfo\", rpm:\"python3-libxml2-python-debuginfo~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-32bit\", rpm:\"libxml2-2-32bit~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-32bit-debuginfo\", rpm:\"libxml2-2-32bit-debuginfo~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel-32bit\", rpm:\"libxml2-devel-32bit~2.9.7~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:40:37", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14567", "CVE-2017-5969", "CVE-2017-8872", "CVE-2018-9251", "CVE-2017-9048", "CVE-2017-0663", "CVE-2017-18258", "CVE-2015-8035"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192491", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2491\");\n script_version(\"2020-01-23T13:01:26+0000\");\n script_cve_id(\"CVE-2015-8035\", \"CVE-2017-0663\", \"CVE-2017-18258\", \"CVE-2017-5969\", \"CVE-2017-8872\", \"CVE-2017-9048\", \"CVE-2018-14567\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:01:26 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:01:26 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2491)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2491\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2491\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2019-2491 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.(CVE-2017-0663)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\n\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.(CVE-2015-8035)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\n\n** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-23T14:57:09", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2020-1268)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14567", "CVE-2017-9049", "CVE-2017-8872", "CVE-2018-9251", "CVE-2017-9048", "CVE-2016-1839", "CVE-2015-8035", "CVE-2017-9050"], "modified": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201268", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1268\");\n script_version(\"2020-03-19T13:43:01+0000\");\n script_cve_id(\"CVE-2017-8872\", \"CVE-2017-9048\", \"CVE-2017-9049\", \"CVE-2017-9050\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:01 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:01 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2020-1268)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1268\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1268\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2020-1268 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.(CVE-2017-9050)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.(CVE-2018-9251)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h17\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h17\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h17\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-31T17:39:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-13T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3107-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251", "CVE-2017-18258"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851931", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851931", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851931\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-13 06:53:40 +0200 (Sat, 13 Oct 2018)\");\n script_cve_id(\"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3107-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libxml2 fixes the following security issues:\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause\n a denial of service (infinite loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).\n\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted\n XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166).\n\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\n attack (bsc#1102046).\n\n - CVE-2017-18258: The xz_head function allowed remote attackers to cause a\n denial of service (memory consumption) via a crafted LZMA file, because\n the decoder functionality did not restrict memory usage to what is\n required for a legitimate file (bsc#1088601).\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1149=1\");\n\n script_tag(name:\"affected\", value:\"libxml2 on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3107-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00026.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2\", rpm:\"libxml2-2~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-debuginfo\", rpm:\"libxml2-2-debuginfo~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-debugsource\", rpm:\"libxml2-debugsource~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-tools\", rpm:\"libxml2-tools~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-tools-debuginfo\", rpm:\"libxml2-tools-debuginfo~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libxml2\", rpm:\"python-libxml2~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libxml2-debuginfo\", rpm:\"python-libxml2-debuginfo~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libxml2-debugsource\", rpm:\"python-libxml2-debugsource~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-32bit\", rpm:\"libxml2-2-32bit~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-2-debuginfo-32bit\", rpm:\"libxml2-2-debuginfo-32bit~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel-32bit\", rpm:\"libxml2-devel-32bit~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.9.4~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:06:50", "description": "CVE-2018-14404\nFix of a NULL pointer dereference which might result in a crash and\nthus in a denial of service.\n\nCVE-2018-14567 and CVE-2018-9251\nApproval in LZMA error handling which prevents an infinite loop.\n\nCVE-2017-18258\nLimit available memory to 100MB to avoid exhaustive memory\nconsumption by malicious files.", "cvss3": {}, "published": "2018-09-28T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for libxml2 (DLA-1524-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251", "CVE-2017-18258"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891524", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891524", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891524\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-18258\", \"CVE-2018-14404\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n script_name(\"Debian LTS: Security Advisory for libxml2 (DLA-1524-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 00:00:00 +0200 (Fri, 28 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"libxml2 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.9.1+dfsg1-5+deb8u7.\n\nWe recommend that you upgrade your libxml2 packages.\");\n\n script_tag(name:\"summary\", value:\"CVE-2018-14404\nFix of a NULL pointer dereference which might result in a crash and\nthus in a denial of service.\n\nCVE-2018-14567 and CVE-2018-9251\nApproval in LZMA error handling which prevents an infinite loop.\n\nCVE-2017-18258\nLimit available memory to 100MB to avoid exhaustive memory\nconsumption by malicious files.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:37:38", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2626)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2017-5969", "CVE-2017-9049", "CVE-2017-8872", "CVE-2018-9251", "CVE-2017-9048", "CVE-2017-18258", "CVE-2015-8035"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192626", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192626", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2626\");\n script_version(\"2020-01-23T13:10:04+0000\");\n script_cve_id(\"CVE-2015-8035\", \"CVE-2017-18258\", \"CVE-2017-5969\", \"CVE-2017-8872\", \"CVE-2017-9048\", \"CVE-2017-9049\", \"CVE-2018-14404\", \"CVE-2018-14567\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:10:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:10:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2626)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2626\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2626\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2019-2626 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)\n\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.(CVE-2018-14404)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.(CVE-2015-8035)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h17\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h17\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h17\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:52", "description": "Mageia Linux Local Security Checks mgasa-2015-0433", "cvss3": {}, "published": "2015-11-08T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0433", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8035"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310131110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0433.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131110\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-08 13:02:06 +0200 (Sun, 08 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0433\");\n script_tag(name:\"insight\", value:\"A denial of service in libxml2 when parsing a specially crafted XML file if XZ support is enabled may cause applications to hang as the parsing never terminates (CVE-2015-8035)\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0433.html\");\n script_cve_id(\"CVE-2015-8035\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0433\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~11.3.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14567", "CVE-2017-5969", "CVE-2017-9049", "CVE-2017-8872", "CVE-2018-9251", "CVE-2017-9048", "CVE-2016-1839", "CVE-2015-8806", "CVE-2015-8035", "CVE-2017-9050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192211", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2211\");\n script_version(\"2020-01-23T12:39:57+0000\");\n script_cve_id(\"CVE-2015-8806\", \"CVE-2017-5969\", \"CVE-2017-8872\", \"CVE-2017-9048\", \"CVE-2017-9049\", \"CVE-2017-9050\", \"CVE-2018-14567\", \"CVE-2018-9251\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:39:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:39:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-2211)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2211\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2211\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2019-2211 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the '!DOCTYPE html' substring in a crafted HTML document.(CVE-2015-8806)\n\nlibxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states 'I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.'(CVE-2017-5969)\n\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.(CVE-2017-8872)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 size. This vulnerability causes programs that use libxml2, such as PHP, to crash.(CVE-2017-9048)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.(CVE-2017-9049)\n\nlibxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.(CVE-2017-9050)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.(CVE-2018-9251)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.(CVE-2018-14567)\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h20.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h20.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h20.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-libxml2 FEDORA-2016-189", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807268", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-libxml2 FEDORA-2016-189\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807268\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-17 06:25:35 +0100 (Wed, 17 Feb 2016)\");\n script_cve_id(\"CVE-2015-8035\", \"CVE-2015-7942\", \"CVE-2015-7941\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-libxml2 FEDORA-2016-189\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-libxml2 on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-189\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-libxml2\", rpm:\"mingw-libxml2~2.9.3~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:50", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1316)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2017-18258", "CVE-2015-8035"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191316", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1316\");\n script_version(\"2020-01-23T11:39:12+0000\");\n script_cve_id(\"CVE-2015-8035\", \"CVE-2017-18258\", \"CVE-2018-14404\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:39:12 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:39:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1316)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1316\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1316\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2019-1316 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference vulnerability exists in the xpath function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.(CVE-2018-14404)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.(CVE-2017-18258)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-8035)\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h15.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h15.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h15.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for libxml2 USN-2812-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7941", "CVE-2015-1819", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842535", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842535", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libxml2 USN-2812-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842535\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-17 05:31:05 +0100 (Tue, 17 Nov 2015)\");\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libxml2 USN-2812-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Florian Weimer discovered that libxml2\nincorrectly handled certain XML data. If a user or automated system were tricked\ninto opening a specially crafted document, an attacker could possibly cause resource\nconsumption, resulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service. This issue only affected\nUbuntu 14.04 LTS. (CVE-2015-8035)\");\n script_tag(name:\"affected\", value:\"libxml2 on Ubuntu 15.10,\n Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2812-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2812-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.2+dfsg1-3ubuntu0.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.2+dfsg1-3ubuntu0.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.1+dfsg1-3ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.1+dfsg1-3ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.7.8.dfsg-5.1ubuntu4.12\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.2+zdfsg1-4ubuntu0.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.2+zdfsg1-4ubuntu0.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1559)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2017-18258", "CVE-2012-2807", "CVE-2015-8035"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191559", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1559\");\n script_version(\"2020-01-23T12:15:01+0000\");\n script_cve_id(\"CVE-2012-2807\", \"CVE-2015-8035\", \"CVE-2017-18258\", \"CVE-2018-14404\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:15:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:15:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1559)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1559\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1559\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxml2' package(s) announced via the EulerOS-SA-2019-1559 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.CVE-2012-2807\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.CVE-2015-8035\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.CVE-2017-18258\n\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.CVE-2018-14404\");\n\n script_tag(name:\"affected\", value:\"'libxml2' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.3.h14\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.3.h14\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.9.1~6.3.h14\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "Fedora Update for libxml2 FEDORA-2015-037", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-7498", "CVE-2015-5312", "CVE-2015-7500", "CVE-2015-8242", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310806792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxml2 FEDORA-2015-037\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806792\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 06:12:35 +0100 (Tue, 01 Dec 2015)\");\n script_cve_id(\"CVE-2015-8242\", \"CVE-2015-7500\", \"CVE-2015-7499\", \"CVE-2015-5312\",\n \"CVE-2015-7498\", \"CVE-2015-7497\", \"CVE-2015-1819\", \"CVE-2015-7941\",\n \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libxml2 FEDORA-2015-037\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libxml2 on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-037\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.3~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:55", "description": "The host is installed with HP System\n Management Homepage (SMH) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-05-19T00:00:00", "type": "openvas", "title": "HP System Management Homepage Multiple Vulnerabilities(may-2016)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4969", "CVE-2016-0705", "CVE-2016-2015", "CVE-2015-3195", "CVE-2016-0799", "CVE-2015-3194", "CVE-2016-2842", "CVE-2015-3237", "CVE-2007-6750", "CVE-2015-7995", "CVE-2015-8035"], "modified": "2018-10-18T00:00:00", "id": "OPENVAS:1361412562310807598", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807598", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_smh_mult_vuln_may16.nasl 11961 2018-10-18 10:49:40Z asteins $\n#\n# HP System Management Homepage Multiple Vulnerabilities(may-2016)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:hp:system_management_homepage\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807598\");\n script_version(\"$Revision: 11961 $\");\n script_cve_id(\"CVE-2011-4969\", \"CVE-2015-3194\", \"CVE-2015-3195\", \"CVE-2016-0705\",\n \"CVE-2016-0799\", \"CVE-2016-2842\", \"CVE-2015-3237\", \"CVE-2015-7995\",\n \"CVE-2015-8035\", \"CVE-2007-6750\", \"CVE-2016-2015\");\n script_bugtraq_id(58458, 78623, 78626, 75387, 77325, 77390, 21865);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 12:49:40 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-19 15:47:50 +0530 (Thu, 19 May 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"HP System Management Homepage Multiple Vulnerabilities(may-2016)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with HP System\n Management Homepage (SMH) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to multiple\n unspecified errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to obtain and modify sensitive information and also remote attackers to execute\n arbitrary code and to obtain sensitive information.\");\n\n script_tag(name:\"affected\", value:\"HP System Management Homepage before 7.5.5\");\n\n script_tag(name:\"solution\", value:\"Upgrade to HP System Management Homepage\n 7.5.5 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05111017\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_hp_smh_detect.nasl\");\n script_mandatory_keys(\"HP/SMH/installed\");\n script_require_ports(\"Services/www\", 2301, 2381);\n script_xref(name:\"URL\", value:\"http://www8.hp.com/us/en/products/server-software/product-detail.html?oid=344313\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!smhPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!smhVer = get_app_version(cpe:CPE, port:smhPort)){\n exit(0);\n}\n\nif(version_is_less(version:smhVer, test_version:\"7.5.5\"))\n{\n report = report_fixed_ver(installed_version:smhVer, fixed_version:\"7.5.5\");\n security_message(data:report, port:smhPort);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:09", "description": "Several vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.", "cvss3": {}, "published": "2015-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3430-1 (libxml2 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-8317", "CVE-2015-7498", "CVE-2015-8241", "CVE-2015-5312", "CVE-2015-7500", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703430", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3430.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3430-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703430\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8317\");\n script_name(\"Debian Security Advisory DSA 3430-1 (libxml2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-23 00:00:00 +0100 (Wed, 23 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3430.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"libxml2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy), these problems have been fixed\nin version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.3+dfsg1-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.3+dfsg1-1 or earlier versions.\n\nWe recommend that you upgrade your libxml2 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:52:44", "description": "Several vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.", "cvss3": {}, "published": "2015-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3430-1 (libxml2 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-8317", "CVE-2015-7498", "CVE-2015-8241", "CVE-2015-5312", "CVE-2015-7500", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703430", "href": "http://plugins.openvas.org/nasl.php?oid=703430", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3430.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3430-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703430);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8317\");\n script_name(\"Debian Security Advisory DSA 3430-1 (libxml2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-23 00:00:00 +0100 (Wed, 23 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3430.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libxml2 on Debian Linux\");\n script_tag(name: \"insight\", value: \"XML is a metalanguage to let you design your own markup language.\nA regular markup language defines a way to describe information in\na certain class of documents (eg HTML). XML lets you define your\nown customized markup languages for many classes of document. It\ncan do this because it's written in SGML, the international standard\nmetalanguage for markup languages.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), these problems have been fixed\nin version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.3+dfsg1-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.3+dfsg1-1 or earlier versions.\n\nWe recommend that you upgrade your libxml2 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.8.0+dfsg1-7+wheezy5\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:32:33", "description": "This host is running Nessus and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2018-06-15T00:00:00", "type": "openvas", "title": "Tenable Nessus Multiple Vulnerabilities(tns-2018-08)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8388", "CVE-2017-16931", "CVE-2017-9233", "CVE-2016-9840", "CVE-2017-7375", "CVE-2017-7244", "CVE-2017-11742", "CVE-2015-8391", "CVE-2018-11214", "CVE-2016-9063", "CVE-2016-5300", "CVE-2015-8395", "CVE-2015-8382", "CVE-2017-5969", "CVE-2016-9318", "CVE-2015-8386", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-9842", "CVE-2017-8872", "CVE-2012-0876", "CVE-2012-6702", "CVE-2016-0718", "CVE-2015-8392", "CVE-2015-8389", "CVE-2018-9251", "CVE-2015-8380", "CVE-2017-9048", "CVE-2014-8964", "CVE-2016-1283", "CVE-2017-5029", "CVE-2015-8394", "CVE-2012-6139", "CVE-2016-5131", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-7246", "CVE-2017-7245", "CVE-2017-1000061", "CVE-2017-9047", "CVE-2016-1683", "CVE-2015-8383", "CVE-2016-1684", "CVE-2015-8381", "CVE-2017-7186", "CVE-2015-5073", "CVE-2017-18258", "CVE-2015-8385", "CVE-2016-9841", "CVE-2017-16932", "CVE-2015-9019", "CVE-2015-7995", "CVE-2015-2328", "CVE-2016-4472", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2017-6004", "CVE-2017-9050"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310813437", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813437", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Tenable Nessus Multiple Vulnerabilities(tns-2018-08)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:tenable:nessus\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813437\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-11742\", \"CVE-2017-9233\", \"CVE-2016-9063\", \"CVE-2016-0718\",\n \"CVE-2016-5300\", \"CVE-2012-0876\", \"CVE-2016-4472\", \"CVE-2012-6702\",\n \"CVE-2018-11214\", \"CVE-2017-18258\", \"CVE-2017-16932\", \"CVE-2017-16931\",\n \"CVE-2017-9050\", \"CVE-2017-9049\", \"CVE-2017-9048\", \"CVE-2017-9047\",\n \"CVE-2017-8872\", \"CVE-2017-7375\", \"CVE-2017-5969\", \"CVE-2016-9318\",\n \"CVE-2016-5131\", \"CVE-2018-9251\", \"CVE-2017-1000061\", \"CVE-2012-6139\",\n \"CVE-2015-7995\", \"CVE-2015-9019\", \"CVE-2016-1683\", \"CVE-2016-1684\",\n \"CVE-2017-5029\", \"CVE-2016-9840\", \"CVE-2016-9841\", \"CVE-2016-9842\",\n \"CVE-2016-9843\", \"CVE-2014-8964\", \"CVE-2014-9769\", \"CVE-2015-2327\",\n \"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8380\",\n \"CVE-2015-8381\", \"CVE-2015-8382\", \"CVE-2015-8383\", \"CVE-2015-8384\",\n \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8387\", \"CVE-2015-8388\",\n \"CVE-2015-8389\", \"CVE-2015-8390\", \"CVE-2015-8391\", \"CVE-2015-8392\",\n \"CVE-2015-8394\", \"CVE-2015-8395\", \"CVE-2016-1283\", \"CVE-2016-3191\",\n \"CVE-2017-6004\", \"CVE-2017-7186\", \"CVE-2017-7244\", \"CVE-2017-7245\",\n \"CVE-2017-7246\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-15 11:03:08 +0530 (Fri, 15 Jun 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Tenable Nessus Multiple Vulnerabilities(tns-2018-08)\");\n\n script_tag(name:\"summary\", value:\"This host is running Nessus and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as some of the third-party\n components used within Nessus to provide underlying functionality were found to\n contain various vulnerabilities. The components with vulnerabilities include\n expat, libjpeg, libXML2, libXMLSEC, libXSLT, Zlib and libPCRE\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers potentially to gain privileges, execute arbitrary code, bypass\n security restrictions, conduct denial-of-service, gain access to potentially\n sensitive information, conduct XML External Entity (XXE) attacks and unspecified\n other impacts.\");\n\n script_tag(name:\"affected\", value:\"Nessus versions prior to version 7.1.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade to nessus version 7.1.1 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com/security/tns-2018-08\");\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_nessus_web_server_detect.nasl\");\n script_mandatory_keys(\"nessus/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!nesPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:nesPort, exit_no_version:TRUE)) exit(0);\nnesVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:nesVer, test_version:\"7.1.1\"))\n{\n report = report_fixed_ver(installed_version:nesVer, fixed_version:\"7.1.1\", install_path:path);\n security_message(data:report, port:nesPort);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:35:43", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-01T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-02 March-2016", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1841", "CVE-2016-1840", "CVE-2016-1836", "CVE-2015-5312", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1834", "CVE-2016-1847", "CVE-2016-1791", "CVE-2016-1765", "CVE-2015-5334", "CVE-2016-1835", "CVE-2015-7500", "CVE-2016-1800", "CVE-2015-8242", "CVE-2015-1819", "CVE-2015-7499", "CVE-2016-1837", "CVE-2016-1759", "CVE-2016-1838", "CVE-2016-1754", "CVE-2015-0973", "CVE-2014-9495", "CVE-2016-1839", "CVE-2015-8472", "CVE-2016-0778", "CVE-2016-1755", "CVE-2015-5333", "CVE-2015-7942", "CVE-2015-8035", "CVE-2016-1833", "CVE-2016-0777"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310806695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Mac OS X Multiple Vulnerabilities-02 March-2016\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806695\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2016-1754\", \"CVE-2016-1755\", \"CVE-2016-1759\", \"CVE-2016-1761\",\n \"CVE-2016-1765\", \"CVE-2015-8472\", \"CVE-2015-1819\", \"CVE-2015-5312\",\n \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7942\", \"CVE-2015-8035\",\n \"CVE-2015-8242\", \"CVE-2016-1762\", \"CVE-2016-0777\", \"CVE-2016-0778\",\n \"CVE-2015-5333\", \"CVE-2015-5334\", \"CVE-2014-9495\", \"CVE-2015-0973\",\n \"CVE-2016-1791\", \"CVE-2016-1800\", \"CVE-2016-1833\", \"CVE-2016-1834\",\n \"CVE-2016-1835\", \"CVE-2016-1836\", \"CVE-2016-1837\", \"CVE-2016-1838\",\n \"CVE-2016-1839\", \"CVE-2016-1840\", \"CVE-2016-1841\", \"CVE-2016-1847\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-04-01 13:19:35 +0530 (Fri, 01 Apr 2016)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-02 March-2016\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details\n refer the reference links.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to execute arbitrary code or cause a denial of service (memory corruption),\n gain access to potentially sensitive information, trigger a dialing action via a\n tel: URL, bypass a code-signing protection mechanism.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.9.x before 10.9.5\n and 10.10.x before 10.10.5\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate security patch from\n the vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT206567\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.(9|10)\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName || \"Mac OS X\" >!< osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.(9|10)\"){\n exit(0);\n}\n\nif((osVer == \"10.9.5\") || (osVer == \"10.10.5\"))\n{\n buildVer = get_kb_item(\"ssh/login/osx_build\");\n if(!buildVer){\n exit(0);\n }\n if(osVer == \"10.9.5\" && version_is_less(version:buildVer, test_version:\"13F1808\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n else if(osVer == \"10.10.5\" && version_is_less(version:buildVer, test_version:\"14F1808\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n}\n\nelse if(version_in_range(version:osVer, test_version:\"10.9\", test_version2:\"10.9.4\")){\n fix = \"10.9.5 build 13F1808\";\n}\nelse if(version_in_range(version:osVer, test_version:\"10.10\", test_version2:\"10.10.4\")){\n fix = \"10.10.5 build 14F1808\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:25:33", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-01T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-01 March-2016", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1746", "CVE-2016-1734", "CVE-2015-8659", "CVE-2016-1773", "CVE-2015-8126", "CVE-2016-1768", "CVE-2016-1758", "CVE-2015-5312", "CVE-2016-1761", "CVE-2015-3195", "CVE-2016-1744", "CVE-2016-1762", "CVE-2016-1737", "CVE-2016-1765", "CVE-2015-7551", "CVE-2016-1738", "CVE-2016-1756", "CVE-2016-1747", "CVE-2016-1752", "CVE-2016-1736", "CVE-2016-1740", "CVE-2016-1743", "CVE-2016-1775", "CVE-2016-1749", "CVE-2015-7500", "CVE-2016-0802", "CVE-2015-8242", "CVE-2016-1770", "CVE-2016-1757", "CVE-2015-1819", "CVE-2015-7499", "CVE-2016-1741", "CVE-2016-1759", "CVE-2016-1745", "CVE-2016-1732", "CVE-2016-1769", "CVE-2016-1754", "CVE-2015-0973", "CVE-2016-1950", "CVE-2016-1750", "CVE-2016-1748", "CVE-2014-9495", "CVE-2016-0801", "CVE-2015-8472", "CVE-2016-1764", "CVE-2016-0778", "CVE-2016-1755", "CVE-2016-1767", "CVE-2016-1753", "CVE-2016-1733", "CVE-2016-1788", "CVE-2016-1735", "CVE-2015-7942", "CVE-2015-8035", "CVE-2016-0777"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310806693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Mac OS X Multiple Vulnerabilities-01 March-2016\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806693\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2015-7551\", \"CVE-2016-1733\", \"CVE-2016-1732\", \"CVE-2016-1734\",\n \"CVE-2016-1735\", \"CVE-2016-1736\", \"CVE-2016-1737\", \"CVE-2016-1740\",\n \"CVE-2016-1738\", \"CVE-2016-1741\", \"CVE-2016-1743\", \"CVE-2016-1744\",\n \"CVE-2016-1745\", \"CVE-2016-1746\", \"CVE-2016-1747\", \"CVE-2016-1748\",\n \"CVE-2016-1749\", \"CVE-2016-1752\", \"CVE-2016-1753\", \"CVE-2016-1754\",\n \"CVE-2016-1755\", \"CVE-2016-1756\", \"CVE-2016-1757\", \"CVE-2016-1758\",\n \"CVE-2016-1759\", \"CVE-2016-1761\", \"CVE-2016-1764\", \"CVE-2016-1765\",\n \"CVE-2016-1767\", \"CVE-2016-1768\", \"CVE-2016-1769\", \"CVE-2016-1770\",\n \"CVE-2016-1773\", \"CVE-2016-1775\", \"CVE-2016-1750\", \"CVE-2016-1788\",\n \"CVE-2015-8126\", \"CVE-2015-8472\", \"CVE-2015-8659\", \"CVE-2015-1819\",\n \"CVE-2015-5312\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7942\",\n \"CVE-2015-8035\", \"CVE-2015-8242\", \"CVE-2016-1762\", \"CVE-2016-0777\",\n \"CVE-2016-0778\", \"CVE-2015-3195\", \"CVE-2014-9495\", \"CVE-2015-0973\",\n \"CVE-2016-1950\", \"CVE-2016-0801\", \"CVE-2016-0802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-04-01 13:19:28 +0530 (Fri, 01 Apr 2016)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-01 March-2016\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details\n refer the reference links.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to execute arbitrary code or cause a denial of service (memory corruption),\n gain access to potentially sensitive information, trigger a dialing action,\n bypass a code-signing protection mechanism.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.11.x before\n 10.11.4, 10.9.x through 10.9.5, 10.10.x through 10.10.5\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X version\n 10.11.4 or later, or apply aptch from vendor.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT206167\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.(9|1[01])\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName || \"Mac OS X\" >!< osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.(9|1[01])\"){\n exit(0);\n}\n\nif(version_in_range(version:osVer, test_version:\"10.9\", test_version2:\"10.9.4\")||\n version_in_range(version:osVer, test_version:\"10.10\", test_version2:\"10.10.4\")){\n fix = \"Upgrade to latest OS release and apply patch from vendor\";\n}\n\nelse if((osVer == \"10.10.5\") || (osVer == \"10.9.5\"))\n{\n buildVer = get_kb_item(\"ssh/login/osx_build\");\n if(!buildVer){\n exit(0);\n }\n if(osVer == \"10.10.5\" && version_is_less(version:buildVer, test_version:\"14F1713\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n else if(osVer == \"10.9.5\" && version_is_less(version:buildVer, test_version:\"13F1712\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n}\n\nelse if(osVer =~ \"^10\\.11\")\n{\n if(version_is_less(version:osVer, test_version:\"10.11.4\")){\n fix = \"10.11.4\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-09T16:53:03", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: libxml2-2.9.8-4.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2018-08-09T16:53:03", "id": "FEDORA:94363633518A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5AFXFHKUDFZEHTMUDJLFYGVCUAZKGKC7/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-07T01:20:06", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: libxml2-2.9.8-4.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2018-08-07T01:20:06", "id": "FEDORA:DA47C616A923", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/G5AFZARX7BUSU24J2MJ4AHX5OE47UXQA/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "MinGW Windows libxml2 XML processing library. ", "cvss3": {}, "published": "2016-02-17T04:02:04", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: mingw-libxml2-2.9.3-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2016-02-17T04:02:04", "id": "FEDORA:473D96090BE2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NR5ECHJOO6QIZMDKOQDQUER6JMRLWGZS/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "MinGW Windows libxml2 XML processing library. ", "cvss3": {}, "published": "2016-02-17T04:26:04", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: mingw-libxml2-2.9.3-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2016-02-17T04:26:04", "id": "FEDORA:8FB206094351", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GPNYZHNQFPYH2OW4ZE362WBOSUIBRX7M/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. ", "cvss3": {}, "published": "2015-11-26T21:01:32", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2015-11-26T21:01:32", "id": "FEDORA:4959A6092042", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/44TRDU3K2AOKSAODHSOBCELRI2Q4ZRFX/", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. ", "cvss3": {}, "published": "2015-11-30T23:26:43", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: libxml2-2.9.3-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2015-11-30T23:26:43", "id": "FEDORA:454A0601DA33", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IHLLN7O45V4ZLSKWZKKQOJNMKJOVI6LZ/", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:38:22", "description": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n* libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-04-28T09:20:58", "type": "redhat", "title": "(RHSA-2020:1827) Moderate: libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-9251"], "modified": "2020-04-28T10:47:02", "id": "RHSA-2020:1827", "href": "https://access.redhat.com/errata/RHSA-2020:1827", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:39:15", "description": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-03-31T09:30:25", "type": "redhat", "title": "(RHSA-2020:1190) Moderate: libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567"], "modified": "2020-03-31T10:09:57", "id": "RHSA-2020:1190", "href": "https://access.redhat.com/errata/RHSA-2020:1190", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:01", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nSecurity Fix(es):\n\n* kubevirt: VMIs can be used to access host files (CVE-2020-14316)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements.\n\nThis advisory contains the following OpenShift Virtualization 2.4.0 images:\n\nRHEL-7-CNV-2.4\n==============\nkubevirt-ssp-operator-container-v2.4.0-71\n\nRHEL-8-CNV-2.4\n==============\nvirt-cdi-controller-container-v2.4.0-29\nvirt-cdi-uploadproxy-container-v2.4.0-29\nhostpath-provisioner-container-v2.4.0-25\nvirt-cdi-operator-container-v2.4.0-29\nkubevirt-metrics-collector-container-v2.4.0-18\ncnv-containernetworking-plugins-container-v2.4.0-36\nkubevirt-kvm-info-nfd-plugin-container-v2.4.0-18\nhostpath-provisioner-operator-container-v2.4.0-31\nvirt-cdi-uploadserver-container-v2.4.0-29\nvirt-cdi-apiserver-container-v2.4.0-29\nvirt-controller-container-v2.4.0-58\nvirt-cdi-cloner-container-v2.4.0-29\nkubevirt-template-validator-container-v2.4.0-21\nvm-import-operator-container-v2.4.0-21\nkubernetes-nmstate-handler-container-v2.4.0-37\nnode-maintenance-operator-container-v2.4.0-27\nvirt-operator-container-v2.4.0-58\nkubevirt-v2v-conversion-container-v2.4.0-23\ncnv-must-gather-container-v2.4.0-73\nvirtio-win-container-v2.4.0-15\nkubevirt-cpu-node-labeller-container-v2.4.0-19\novs-cni-plugin-container-v2.4.0-37\nkubevirt-vmware-container-v2.4.0-21\nhyperconverged-cluster-operator-container-v2.4.0-70\nvirt-handler-container-v2.4.0-58\nvirt-cdi-importer-container-v2.4.0-29\nvirt-launcher-container-v2.4.0-58\nkubevirt-cpu-model-nfd-plugin-container-v2.4.0-17\nvirt-api-container-v2.4.0-58\novs-cni-marker-container-v2.4.0-38\nkubemacpool-container-v2.4.0-39\ncluster-network-addons-operator-container-v2.4.0-38\nbridge-marker-container-v2.4.0-39\nvm-import-controller-container-v2.4.0-21\nhco-bundle-registry-container-v2.3.0-497", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.9, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-28T18:02:45", "type": "redhat", "title": "(RHSA-2020:3194) Important: Container-native Virtualization security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-18074", "CVE-2018-19519", "CVE-2018-20060", "CVE-2018-20337", "CVE-2018-20852", "CVE-2018-7263", "CVE-2018-9251", "CVE-2019-1010180", "CVE-2019-1010204", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-13232", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-14563", "CVE-2019-14822", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-15847", "CVE-2019-16056", "CVE-2019-17451", "CVE-2019-19126", "CVE-2019-19232", "CVE-2019-19807", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19959", "CVE-2019-3016", "CVE-2019-3825", "CVE-2019-5094", "CVE-2019-5436", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2020-10749", "CVE-2020-10754", "CVE-2020-10757", "CVE-2020-10766", "CVE-2020-10767", "CVE-2020-10768", "CVE-2020-11008", "CVE-2020-11080", "CVE-2020-12049", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12662", "CVE-2020-12663", "CVE-2020-12888", "CVE-2020-13777", "CVE-2020-14316", "CVE-2020-8616", "CVE-2020-8617"], "modified": "2020-07-28T18:06:05", "id": "RHSA-2020:3194", "href": "https://access.redhat.com/errata/RHSA-2020:3194", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:41", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard > Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-10-27T14:57:54", "type": "redhat", "title": "(RHSA-2020:4298) Moderate: OpenShift Container Platform 4.6.1 image security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-10739", "CVE-2018-14404", "CVE-2018-14498", "CVE-2018-16890", "CVE-2018-18074", "CVE-2018-18624", "CVE-2018-18751", "CVE-2018-19519", "CVE-2018-20060", "CVE-2018-20337", "CVE-2018-20483", "CVE-2018-20657", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-1010180", "CVE-2019-1010204", "CVE-2019-11070", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-11358", "CVE-2019-11459", "CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-12450", "CVE-2019-12795", "CVE-2019-13232", "CVE-2019-13636", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-14822", "CVE-2019-14973", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-15718", "CVE-2019-15847", "CVE-2019-16056", "CVE-2019-16769", "CVE-2019-17451", "CVE-2019-18408", "CVE-2019-19126", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19959", "CVE-2019-3822", "CVE-2019-3823", "CVE-2019-3825", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-5094", "CVE-2019-5436", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-5953", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-6454", "CVE-2019-6706", "CVE-2019-7146", "CVE-2019-7149", "CVE-2019-7150", "CVE-2019-7664", "CVE-2019-7665", "CVE-2019-8457", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8675", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8696", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768", "CVE-2020-10531", "CVE-2020-10715", "CVE-2020-10743", "CVE-2020-11008", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11110", "CVE-2020-12049", "CVE-2020-12052", "CVE-2020-12245", "CVE-2020-13822", "CVE-2020-14040", "CVE-2020-14336", "CVE-2020-15366", "CVE-2020-15719", "CVE-2020-1712", "CVE-2020-7013", "CVE-2020-7598", "CVE-2020-7662", "CVE-2020-8203", "CVE-2020-8559", "CVE-2020-9283"], "modified": "2020-10-28T00:36:30", "id": "RHSA-2020:4298", "href": "https://access.redhat.com/errata/RHSA-2020:4298", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2018-10-12T14:30:05", "description": "This update for libxml2 fixes the following security issues:\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause\n a denial of service (infinite loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted\n XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166)\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\n attack (bsc#1102046)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-10-12T12:12:16", "type": "suse", "title": "Security update for libxml2 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2018-10-12T12:12:16", "id": "OPENSUSE-SU-2018:3110-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00029.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-12T14:30:05", "description": "This update for libxml2 fixes the following security issues:\n\n - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause\n a denial of service (infinite loop) via a crafted XML file that triggers\n LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).\n - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted\n XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint\n (bsc#1105166).\n - CVE-2018-14404: Prevent NULL pointer dereference in the\n xmlXPathCompOpEval() function when parsing an invalid XPath expression\n in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service\n attack (bsc#1102046).\n - CVE-2017-18258: The xz_head function allowed remote attackers to cause a\n denial of service (memory consumption) via a crafted LZMA file, because\n the decoder functionality did not restrict memory usage to what is\n required for a legitimate file (bsc#1088601).\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "cvss3": {}, "published": "2018-10-12T12:10:07", "type": "suse", "title": "Security update for libxml2 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251", "CVE-2017-18258"], "modified": "2018-10-12T12:10:07", "id": "OPENSUSE-SU-2018:3107-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00026.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:47:49", "description": "This update for sles12-docker-image fixes issues with binaries and\n libraries included in the image where security updates have been made\n available in the last weeks.\n\n glibc security issues fixed:\n - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed\n remote attackers to cause a crash or execute arbitrary code via crafted\n and timed DNS responses (bsc#961721)\n - CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment\n variable allowed local attackers to bypass the pointer guarding\n protection of the dynamic loader on set-user-ID and set-group-ID\n programs (bsc#950944)\n - CVE-2015-8776: Out-of-range time values passed to the strftime function\n may cause it to crash, leading to a denial of service, or potentially\n disclosure information (bsc#962736)\n - CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have\n caused an out-of-bound memory access. leading to application crashes or,\n potentially, arbitrary code execution (bsc#962737)\n - CVE-2014-9761: A stack overflow (unbounded alloca) could have caused\n applications which process long strings with the nan function to crash\n or, potentially, execute arbitrary code. (bsc#962738)\n - CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen\n function could have caused applications which pass long strings to the\n catopen function to crash or, potentially execute arbitrary code.\n (bsc#962739)\n\n glibc bugs fixed:\n - bsc#955647: Resource leak in resolver\n - bsc#956716: Don't do lock elision on an error checking mutex\n - bsc#958315: Reinitialize dl_load_write_lock on fork\n\n openssl security bugs fixed: Security issues fixed:\n - CVE-2016-0800 aka the &quot;DROWN&quot; attack (bsc#968046): OpenSSL was\n vulnerable to a cross-protocol attack that could lead to decryption of\n TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites\n as a Bleichenbacher RSA padding oracle.\n\n This update changes the openssl library to:\n\n * Disable SSLv2 protocol support by default.\n\n This can be overridden by setting the environment variable\n &quot;OPENSSL_ALLOW_SSL2&quot; or by using SSL_CTX_clear_options using the\n SSL_OP_NO_SSLv2 flag.\n\n Note that various services and clients had already disabled SSL\n protocol 2 by default previously.\n\n * Disable all weak EXPORT ciphers by default. These can be reenabled if\n required by old legacy software using the environment variable\n &quot;OPENSSL_ALLOW_EXPORT&quot;.\n\n - CVE-2016-0702 aka the &quot;CacheBleed&quot; attack. (bsc#968050) Various changes\n in the modular exponentation code were added that make sure that it is\n not possible to recover RSA secret keys by analyzing cache-bank\n conflicts on the Intel Sandy-Bridge microarchitecture.\n\n Note that this was only exploitable if the malicious code was running\n on the same hyper threaded Intel Sandy Bridge processor as the victim\n thread performing decryptions.\n\n - CVE-2016-0705 (bnc#968047): A double free() bug in the DSA ASN1 parser\n code was fixed that could be abused to facilitate a denial-of-service\n attack.\n\n - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions\n had a bug that could result in an attempt to de-reference a NULL pointer\n leading to crashes. This could have security consequences if these\n functions were ever called by user applications with large untrusted\n hex/decimal data. Also, internal usage of these functions in OpenSSL\n uses data from config files\n or application command line arguments. If user developed applications\n generated config file data based on untrusted data, then this could\n have had security consequences as well.\n\n - CVE-2016-0798 (bnc#968265) The SRP user database lookup method\n SRP_VBASE_get_by_user() had a memory leak that attackers could abuse to\n facility DoS attacks. To mitigate the issue, the seed handling in\n SRP_VBASE_get_by_user() was disabled even if the user has configured a\n seed. Applications are advised to migrate to SRP_VBASE_get1_by_user().\n\n - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr()\n and doapr_outch() functions could miscalculate the length of a string\n and attempt to access out-of-bounds memory locations. These problems\n could have enabled attacks where large amounts of untrusted data is\n passed to the BIO_*printf functions. If applications use these functions\n in this way then they could have been vulnerable. OpenSSL itself uses\n these functions when printing out human-readable dumps of ASN.1 data.\n Therefore applications that print this data could have been vulnerable\n if the data is from untrusted sources. OpenSSL command line applications\n could also have been vulnerable when they print out ASN.1 data, or if\n untrusted data is passed as command line arguments. Libssl is not\n considered directly vulnerable.\n\n - CVE-2015-3197 (bsc#963415): The SSLv2 protocol did not block disabled\n ciphers.\n\n Note that the March 1st 2016 release also references following CVEs that\n were fixed by us with CVE-2015-0293 in 2015:\n\n - CVE-2016-0703 (bsc#968051): This issue only affected versions of OpenSSL\n prior to March 19th 2015 at which time the code was refactored to\n address vulnerability CVE-2015-0293. It would have made the above\n &quot;DROWN&quot; attack much easier.\n - CVE-2016-0704 (bsc#968053): &quot;Bleichenbacher oracle in SSLv2&quot; This issue\n only affected versions of OpenSSL prior to March 19th 2015 at which time\n the code was refactored to address vulnerability CVE-2015-0293. It would\n have made the above &quot;DROWN&quot; attack much easier.\n\n - CVE-2015-3194: The signature verification routines will crash with a\n NULL pointer dereference if presented with an ASN.1 signature using the\n RSA PSS algorithm and absent mask generation function parameter. Since\n these routines are used to verify certificate signature algorithms this\n can be used to crash any certificate verification operation and\n exploited in a DoS attack. Any application which performs certificate\n verification is vulnerable including OpenSSL clients and servers which\n enable client authentication. (bsc#957815)\n - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure\n OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS\n routines so any application which reads PKCS#7 or CMS data from\n untrusted sources is affected. SSL/TLS is not affected. (bsc#957812)\n - CVE-2015-3196: If PSK identity hints are received by a multi-threaded\n client then the values were wrongly updated in the parent SSL_CTX\n structure. This could result in a race condition potentially leading to\n a double free of the identify hint data. (bsc#957813)\n\n openssl bugs fixed:\n - Avoid running OPENSSL_config twice. This avoids breaking engine loading.\n (bsc#952871)\n - Ensure that OpenSSL doesn't fall back to the default digest algorithm\n (SHA1) in case a non-FIPS algorithm was negotiated while running in FIPS\n mode. Instead, OpenSSL will refuse the digest. (bnc#958501)\n - Clear the error after setting non-fips mode (bsc#947104)\n - Improve S/390 performance on IBM z196 and z13 (bsc#954256)\n - Add support for &quot;ciphers&quot; providing no encryption (bsc#937085)\n\n libxml2 security issues fixed:\n - CVE-2015-8710: Parsing short unclosed HTML comment could cause\n uninitialized memory access, which allowed remote attackers to read\n contents from previous HTTP requests depending on the application\n [bsc#960674]\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping\n parsing on entities boundaries errors [bnc#951734]\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections\n [bnc#951735]\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding\n conversion failed [bnc#956260]\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey\n [bnc#957106]\n - CVE-2015-7498 Processes entities after encoding conversion failures\n [bnc#957107]\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect\n incoherency on GROW [bnc#957109]\n - CVE-2015-8317 Multiple out-of-bound read could lead to denial of service\n [bnc#956260]\n - CVE-2015-8035 DoS when parsing specially crafted XML document if XZ\n support is enabled [bnc#954429]\n - CVE-2015-7500 Fix memory access error due to incorrect entities\n boundaries [bnc#957110]\n\n And other security and non-security updates found in the SUSE Linux\n Enterprise 12 GA line.\n\n", "cvss3": {}, "published": "2016-03-16T15:28:52", "type": "suse", "title": "Security update for sles12-docker-image (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-8776", "CVE-2015-3197", "CVE-2015-8317", "CVE-2015-7498", "CVE-2015-8241", "CVE-2016-0705", "CVE-2015-5312", "CVE-2015-3195", "CVE-2016-0798", "CVE-2016-0799", "CVE-2015-3194", "CVE-2016-0797", "CVE-2016-0702", "CVE-2015-8777", "CVE-2015-3196", "CVE-2015-8779", "CVE-2015-7500", "CVE-2015-8242", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-0293", "CVE-2015-8778", "CVE-2015-8710", "CVE-2016-0800", "CVE-2016-0704", "CVE-2014-9761", "CVE-2016-0703", "CVE-2015-7942", "CVE-2015-7547", "CVE-2015-8035"], "modified": "2016-03-16T15:28:52", "id": "SUSE-SU-2016:0786-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00055.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "A flaw was found in libxml2 2.9.8. The xz_decomp function in xzlib.c, if \\--with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (CVE-2018-9251, CVE-2018-14567). A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application (CVE-2018-14404). The libxml2 package has been updated to version 2.9.9 to fix these issues and other bugs. The perl-XML-LibXML package has been rebuilt against the updated libxml2. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-23T15:50:09", "type": "mageia", "title": "Updated libxml2 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2019-01-23T15:50:09", "id": "MGASA-2019-0047", "href": "https://advisories.mageia.org/MGASA-2019-0047.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "A denial of service in libxml2 when parsing a specially crafted XML file if XZ support is enabled may cause applications to hang as the parsing never terminates (CVE-2015-8035) \n", "cvss3": {}, "published": "2015-11-05T22:46:03", "type": "mageia", "title": "Updated libxml2 packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035"], "modified": "2015-11-05T22:46:03", "id": "MGASA-2015-0433", "href": "https://advisories.mageia.org/MGASA-2015-0433.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:36:54", "description": "**Issue Overview:**\n\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2017-15412)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. (CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131) \n\n\n \n**Affected Packages:** \n\n\nlibxml2\n\n \n**Issue Correction:** \nRun _yum update libxml2_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.amzn2.4.1.aarch64 \n \u00a0\u00a0\u00a0 libxml2-devel-2.9.1-6.amzn2.4.1.aarch64 \n \u00a0\u00a0\u00a0 libxml2-static-2.9.1-6.amzn2.4.1.aarch64 \n \u00a0\u00a0\u00a0 libxml2-python-2.9.1-6.amzn2.4.1.aarch64 \n \u00a0\u00a0\u00a0 libxml2-debuginfo-2.9.1-6.amzn2.4.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.amzn2.4.1.i686 \n \u00a0\u00a0\u00a0 libxml2-devel-2.9.1-6.amzn2.4.1.i686 \n \u00a0\u00a0\u00a0 libxml2-static-2.9.1-6.amzn2.4.1.i686 \n \u00a0\u00a0\u00a0 libxml2-python-2.9.1-6.amzn2.4.1.i686 \n \u00a0\u00a0\u00a0 libxml2-debuginfo-2.9.1-6.amzn2.4.1.i686 \n \n src: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.amzn2.4.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.amzn2.4.1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-devel-2.9.1-6.amzn2.4.1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-static-2.9.1-6.amzn2.4.1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-python-2.9.1-6.amzn2.4.1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-debuginfo-2.9.1-6.amzn2.4.1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-07-21T16:34:00", "type": "amazon", "title": "Important: libxml2", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-07-21T21:21:00", "id": "ALAS2-2020-1466", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1466.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:23:00", "description": "**Issue Overview:**\n\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application. (CVE-2018-14404)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file. (CVE-2017-15412)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. (CVE-2015-8035)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. (CVE-2018-14567)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. (CVE-2017-18258)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. (CVE-2016-5131) \n\n\n \n**Affected Packages:** \n\n\nlibxml2\n\n \n**Issue Correction:** \nRun _yum update libxml2_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.4.40.amzn1.i686 \n \u00a0\u00a0\u00a0 libxml2-python26-2.9.1-6.4.40.amzn1.i686 \n \u00a0\u00a0\u00a0 libxml2-devel-2.9.1-6.4.40.amzn1.i686 \n \u00a0\u00a0\u00a0 libxml2-static-2.9.1-6.4.40.amzn1.i686 \n \u00a0\u00a0\u00a0 libxml2-python27-2.9.1-6.4.40.amzn1.i686 \n \u00a0\u00a0\u00a0 libxml2-debuginfo-2.9.1-6.4.40.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.4.40.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 libxml2-python26-2.9.1-6.4.40.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-static-2.9.1-6.4.40.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-debuginfo-2.9.1-6.4.40.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-2.9.1-6.4.40.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-devel-2.9.1-6.4.40.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libxml2-python27-2.9.1-6.4.40.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-08-10T22:59:00", "type": "amazon", "title": "Important: libxml2", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2020-08-12T17:52:00", "id": "ALAS-2020-1415", "href": "https://alas.aws.amazon.com/ALAS-2020-1415.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2022-02-15T19:29:27", "description": " * [CVE-2015-8035](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>)\n\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.\n\n * [CVE-2016-5131](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131>)\n\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.\n\n * [CVE-2017-15412](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412>)\n\nUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * [CVE-2017-18258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258>)\n\nThe xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.\n\n * [CVE-2018-14404](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404>)\n\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.\n\n * [CVE-2018-14567](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567>)\n\nlibxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2022-02-15T13:03:00", "type": "f5", "title": "libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-02-15T13:03:00", "id": "F5:K76678525", "href": "https://support.f5.com/csp/article/K76678525", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-22T17:00:16", "description": "Package : libxml2\nVersion : 2.9.1+dfsg1-5+deb8u7\nCVE ID : CVE-2017-18258 CVE-2018-9251 CVE-2018-14404\n CVE-2018-14567\n\n\nCVE-2018-14404\n Fix of a NULL pointer dereference which might result in a crash and\n thus in a denial of service.\n\nCVE-2018-14567 and CVE-2018-9251\n Approvement in LZMA error handling which prevents an infinite loop.\n\nCVE-2017-18258\n Limit available memory to 100MB to avoid exhaustive memory\n consumption by malicious files.\n\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.9.1+dfsg1-5+deb8u7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-27T20:04:03", "type": "debian", "title": "[SECURITY] [DLA 1524-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2018-09-27T20:04:03", "id": "DEBIAN:DLA-1524-1:818AD", "href": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T22:39:05", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3430-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 23, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml2\nCVE ID : CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 \n CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942\n CVE-2015-8035 CVE-2015-8241 CVE-2015-8317\nDebian Bug : 782782 782985 783010 802827 803942 806384\n\nSeveral vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.3+dfsg1-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.3+dfsg1-1 or earlier versions.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-12-23T13:19:18", "type": "debian", "title": "[SECURITY] [DSA 3430-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8317"], "modified": "2015-12-23T13:19:18", "id": "DEBIAN:DSA-3430-1:21018", "href": "https://lists.debian.org/debian-security-announce/2015/msg00337.html", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-03-26T01:29:47", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3430-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 23, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml2\nCVE ID : CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 \n CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942\n CVE-2015-8035 CVE-2015-8241 CVE-2015-8317\nDebian Bug : 782782 782985 783010 802827 803942 806384\n\nSeveral vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.3+dfsg1-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.3+dfsg1-1 or earlier versions.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-12-23T13:19:18", "type": "debian", "title": "[SECURITY] [DSA 3430-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8317"], "modified": "2015-12-23T13:19:18", "id": "DEBIAN:DSA-3430-1:A974A", "href": "https://lists.debian.org/debian-security-announce/2015/msg00337.html", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "osv": [{"lastseen": "2022-08-05T05:18:18", "description": "\n* [CVE-2018-14404](https://security-tracker.debian.org/tracker/CVE-2018-14404)\nFix of a NULL pointer dereference which might result in a crash and\n thus in a denial of service.\n* [CVE-2018-14567](https://security-tracker.debian.org/tracker/CVE-2018-14567) /\n [CVE-2018-9251](https://security-tracker.debian.org/tracker/CVE-2018-9251)\nApprovement in LZMA error handling which prevents an infinite loop.\n* [CVE-2017-18258](https://security-tracker.debian.org/tracker/CVE-2017-18258)\nLimit available memory to 100MB to avoid exhaustive memory\n consumption by malicious files.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n2.9.1+dfsg1-5+deb8u7.\n\n\nWe recommend that you upgrade your libxml2 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-27T00:00:00", "type": "osv", "title": "libxml2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-9251"], "modified": "2022-08-05T05:18:16", "id": "OSV:DLA-1524-1", "href": "https://osv.dev/vulnerability/DLA-1524-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:30", "description": "\nSeveral vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause that application to use an\nexcessive amount of CPU, leak potentially sensitive information, or\ncrash the application.\n\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.8.0+dfsg1-7+wheezy5.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u1.\n\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.3+dfsg1-1 or earlier versions.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.3+dfsg1-1 or earlier versions.\n\n\nWe recommend that you upgrade your libxml2 packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-23T00:00:00", "type": "osv", "title": "libxml2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2022-08-10T07:09:23", "id": "OSV:DSA-3430-1", "href": "https://osv.dev/vulnerability/DSA-3430-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:33:16", "description": "Florian Weimer discovered that libxml2 incorrectly handled certain XML \ndata. If a user or automated system were tricked into opening a specially \ncrafted document, an attacker could possibly cause resource consumption, \nresulting in a denial of service. This issue only affected \nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain XML \ndata. If a user or automated system were tricked into opening a specially \ncrafted document, an attacker could possibly cause libxml2 to crash, \nresulting in a denial of service. This issue only affected \nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain XML \ndata. If a user or automated system were tricked into opening a specially \ncrafted document, an attacker could possibly cause libxml2 to crash, \nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML \ndata. If a user or automated system were tricked into opening a specially \ncrafted document, an attacker could possibly cause libxml2 to crash, \nresulting in a denial of service. This issue only affected \nUbuntu 14.04 LTS. (CVE-2015-8035)\n", "cvss3": {}, "published": "2015-11-16T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7942", "CVE-2015-1819", "CVE-2015-7941", "CVE-2015-8035"], "modified": "2015-11-16T00:00:00", "id": "USN-2812-1", "href": "https://ubuntu.com/security/notices/USN-2812-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2022-08-04T13:07:56", "description": "## Summary\n\nIBM MQ Appliance has addressed multiple libxml2 vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2015-8035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by the failure to properly detect compression errors by the xz_decomp function. By using specially-crafted XML data, a local attacker could exploit this vulnerability to cause the process to hang. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107845](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2017-15412](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412>) \n**DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted website, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/136046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/136046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2017-18258](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a flaw in the xz_head function in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/141432](<https://exchange.xforce.ibmcloud.com/vulnerabilities/141432>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-14567](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148541>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ Appliance | 9.1 LTS \nIBM MQ Appliance | 9.1 CD \n \n## Remediation/Fixes\n\n**IBM MQ Appliance 9.1 LTS**\n\nApply [fixpack 9.1.0.6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+MQ+Appliance+M2000&fixids=9.1.0.6-IBM-MQ-Appliance-U0000&function=fixId> \"fixpack 9.1.0.6\" ), or later.\n\n**IBM MQ Appliance 9.1 CD**\n\nApply [IBM MQ Appliance 9.2](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=9.2.0.0&platform=All&function=all>), or later.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n23 Jul 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Product\":{\"code\":\"SS5K6E\",\"label\":\"IBM MQ Appliance\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"9.1.0.0;9.1.0.1;9.1.0.2;9.1.0.3;9.1.0.4;9.1.0.5;9.1.1;9.1.2;9.1.3;9.1.4;9.1.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB36\",\"label\":\"IBM Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-07-27T09:24:37", "type": "ibm", "title": "Security Bulletin: IBM MQ Appliance is affected by multiple libxml2 vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8035", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14567"], "modified": "2020-07-27T09:24:37", "id": "244ECED1318E3472926D72334F870E4E52EEBDA4CBF4408680F466AF6B21AED2", "href": "https://www.ibm.com/support/pages/node/6252773", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:00:04", "description": "## Summary\n\nIBM QRadar Network Security has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-13734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734>) \n**DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172917](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172917>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-5208](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5208>) \n**DESCRIPTION: **ipmitool is vulnerable to a buffer overflow, caused by improper bounds checking by multiple functions. By sending a specially crafted data, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175960](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175960>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2015-8035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by the failure to properly detect compression errors by the xz_decomp function. By using specially-crafted XML data, a local attacker could exploit this vulnerability to cause the process to hang. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107845](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-5131](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131>) \n**DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libxml. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115396](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115396>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2017-15412](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412>) \n**DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/136046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/136046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2017-18258](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a flaw in the xz_head function in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/141432](<https://exchange.xforce.ibmcloud.com/vulnerabilities/141432>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-14404](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval() function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/147260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/147260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2018-14567](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567>) \n**DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148541>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-10245](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10245>) \n**DESCRIPTION: **Doxygen is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the templates/html/search_opensearch.php script. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163624](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163624>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2015-2716](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716>) \n**DESCRIPTION: **Expat, as used in Mozilla Firefox and Thunderbird, is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103214](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103214>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n \n**CVEID: **[CVE-2019-13232](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232>) \n**DESCRIPTION: **Info-ZIP UnZip is vulnerable to a denial of service, caused by mishandling the overlapping of files inside a ZIP container. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause resource consumption. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166873](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166873>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM QRadar Network Security 5.4.0\n\nIBM QRadar Network Security 5.5.0\n\n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \n \nIBM QRadar Network Security\n\n| \n\n5.4.0\n\n| \n\nInstall Firmware 5.4.0.11 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \nOr \nDownload Firmware 5.4.0.11 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \nIBM QRadar Network Security\n\n| \n\n5.5.0\n\n| \n\nInstall Firmware 5.5.0.6 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \nOr \nDownload Firmware 5.5.0.6 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nJune 24, 2020: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFSVP\",\"label\":\"IBM QRadar Network Security\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"5.4.0, 5.5.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-04-09T15:15:36", "type": "ibm", "title": "Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2716", "CVE-2015-8035", "CVE-2016-10245", "CVE-2016-5131", "CVE-2017-15412", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567", "CVE-2019-13232", "CVE-2019-13734", "CVE-2020-5208"], "modified": "2021-04-09T15:15:36", "id": "2C79ED95B1DDF725C67F241D5C01546FA0476ABBA3CE0E75B8B5CD09C4F93D6C", "href": "https://www.ibm.com/support/pages/node/6238168", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:08:51", "description": "## Summary\n\nA set of Libxml2 vulnerabilities were disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-8035_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107845_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nRational Systems Tester versions 3.3, 3.3.0.1, 3.3.0.2, 3.3.0.3, 3.3.0.4, 3.3.0.5, 3.3.0.6, 3.3.0.7, 3.3.0.7 Interim Fix 1, 3.3.0.7 Interim Fix 2\n\n## Remediation/Fixes\n\nUpgrade to Rational Systems Tester Interim Fix 3 for 3.3.0.7. \n[Rational Systems Tester (3.3.0.7.iFix3, Windows)](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Rational/Rational+Systems+Tester&release=3.3.0.7&platform=Windows&function=all>) \n[Rational Systems Tester (3.3.0.7.iFix3, Linux)](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Rational/Rational+Systems+Tester&release=3.3.0.7&platform=Linux&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n25 December 2015: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nAdvisory # 4327 Record # 66209\n\n[{\"Product\":{\"code\":\"SSYQJP\",\"label\":\"Rational Systems Tester\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"Documentation\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"3.3;3.3.0.1;3.3.0.2;3.3.0.3;3.3.0.4;3.3.0.5;3.3.0.6\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-17T05:07:59", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Libxml2 affect Rational Systems Tester", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-17T05:07:59", "id": "DAE66C3F24DC9C9F32A4918C846A8F515A6E526CE6B4F5F2BBF09EFE18B62398", "href": "https://www.ibm.com/support/pages/node/274269", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:09:02", "description": "## Summary\n\nIdentity Insight 8.1 product is affected by multiple libXML2 vulnerabilities (CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8317).\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8035_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107845_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n## Affected Products and Versions\n\nIdentity Insight 8.1\n\n## Remediation/Fixes\n\nDownload and apply isii_8.1.0.4_ifix003 from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=All&platform=All&function=all>).\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n11 February 2016: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SS2HSB\",\"label\":\"InfoSphere Identity Insight\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2018-06-16T13:38:33", "type": "ibm", "title": "Security Bulletin: OpenSource libXML2 Vulnerabilities affect Identity Insight 8.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-16T13:38:33", "id": "D4D9239D39380DAAAF0663AA50B7560152F0E3980E2EE27DD40046B16E4D33B3", "href": "https://www.ibm.com/support/pages/node/540751", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:09:01", "description": "## Summary\n\nMultiple vulnerabilities in libpng and libxml affect Rational DOORS\n\n## Vulnerability Details\n\n**CVE-ID**: [CVE-2015-1819](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>) \n**Description**: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \n**CVSS Base Score**: 5.300 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/107272> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVE-ID**: [CVE-2015-7941](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>) \n**Description**: Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \n**CVSS Base Score**: 9.800 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108071> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVE-ID**: [CVE-2015-7942](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>) \n**Description**: Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \n**CVSS Base Score**: 9.800 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108073> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVE-ID**: [CVE-2015-8035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>) \nDescription: libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \n**CVSS Base Score**: 4.000 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/107845> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVE-ID**: [CVE-2015-8241](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>) \nDescription: libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.900 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108169> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVE-ID**: [CVE-2015-8242](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>) \n**Description**: libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.900 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108170> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n** \nCVE-ID**: [CVE-2015-5312](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDescription**: An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7497](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)** \n \nCVE-ID**: [CVE-2015-7498](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDescription**: An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7499](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDescription**: An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7500](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVE-ID**: [CVE-2015-8317](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDescription**: libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.** \nCVSS Base Score**: 5.900** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVE-ID**: [CVE-2015-8710](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing an unclosed HTML comment. By using the \"\"&lt;!--\"\" HTML comment without close, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110076_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110076>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2016-2073_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the htmlParseNameComplex() function. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score:** 6.3 \n**CVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110307_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110307>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n\n## Affected Products and Versions\n\nRational DOORS: 9.6.0.0 - 9.6.0.3, 9.6.1.0 - 9.6.1.4 \n \nThe following Rational DOORS components are affected: \n\n * Rational DOORS desktop client\n * Rational DOORS database server\n * Rational DOORS interoperation server\n\n## Remediation/Fixes\n\nUpgrade to the fix pack that corresponds to the version of Rational DOORS that you are running, as shown in the following table. Upgrade the Rational DOORS client, the Rational DOORS database server, and the Rational DOORS interoperation server. \nYou should verify applying this fix does not cause any compatibility issues. \n \n\n\n**Rational DOORS version**| **Upgrade to fix pack** \n---|--- \n9.6.0 \n9.6.0.1 - 9.6.0.4| [9.6.0.5](<http://www.ibm.com/support/docview.wss?uid=swg24041347>) \n9.6.1 \n9.6.1.1 - 9.6.1.4| [9.6.1.5](<http://www.ibm.com/support/docview.wss?uid=swg24041346>) \n \n_For Rational DOORS version 9.2.x and earlier, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\nIf you are using Rational DOORS Web Access, after you upgrade _but before you start the Rational DOORS Web Access server_, edit the core configuration file and set the required version of the interoperation server to the version of the fix pack upgrade, as described in this procedure.\n\n**Procedure:**\n\n 1. To edit the Rational DOORS Web Access core configuration file, open the `festival.xml` file, which is in the `server\\festival\\config` directory. \n \n\n 2. Add the following line in the `<f:properties>` section: \n \n`` \n``&lt;**f:property name=\"interop.version\" value=\"9.n.n.n\"** /&gt;` \n`` \n \n`Replace \"`9.n.n.n`\" with the version of the fix pack upgrade: 9.6.0.5 or 9.6.1.5. \n \n\n 3. Save and close the file. \n \n\n\nAfter this revision, only the specified version of the interoperation server can access the Rational DOORS database. \n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n* 11 February 2016: Original copy published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSKR2T\",\"label\":\"IBM Engineering Requirements Management DOORS\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Configuration\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.6;9.6.0.1;9.6.0.2;9.6.0.3;9.6.1;9.6.1.1;9.6.1.2;9.6.1.3;9.6.1.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-01T08:19:24", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in libpng and libxml affect Rational DOORS", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710", "CVE-2016-2073"], "modified": "2020-05-01T08:19:24", "id": "D911317A5AB78973EC0BCDD274D56A8146D89345FD34F13DAEEC08B6503FEAE0", "href": "https://www.ibm.com/support/pages/node/273049", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-30T21:44:48", "description": "## Problem\n\nCognos Analytics and Cognos Business Intelligence Security Bulletins and Alerts.\n\n## Resolving The Problem\n\n## Tab navigation\n\n * CA 11.0.x\n * BI 10.2.2\n * BI 10.2.1\n * BI 10.2\n\nSecurity bulletins and Alerts for Cognos Analytics 11.0.x. \n--- \n**Published / Updated** | **Title** \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011561>) \nJanuary 2018 | [Cognos Analytics\u306eLibxml2\u8106\u5f31\u6027\u306b\u3064\u3044\u3066](<http://www.ibm.com/support/docview.wss?uid=swg22012361>) \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011810>) \nSeptember 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22007242>) \nAugust 2017 | [Cognos Analytics \u306f\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0(XSS)\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059](<http://www.ibm.com/support/docview.wss?uid=swg22007549>) \nJuly 2017 | [Cognos Analytics is not affected by the Apache Xalan-Java vulnerability (CVE-2014-0107)](<http://www-01.ibm.com/support/docview.wss?uid=swg22005943>) \nJune 2017 | [Cognos Analytics is affected by a Cross-Site Scripting (XSS) vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg22004980>) \nMay 2017 | [Cognos Analytics is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www-01.ibm.com/support/docview.wss?uid=swg22003427>) \nMay 2017 | [Cognos Analytics is affected by CVE-2016-0398](<http://www-01.ibm.com/support/docview.wss?uid=swg21977070>) \nMay 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg22000095>) \nApril 2017 | [Cross Site Scripting (XSS) vulnerability affects Cognos Analytics](<http://www-01.ibm.com/support/docview.wss?uid=swg21999791>) \nMarch 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21998887>) \nMarch 2017 | [Privilege Escalation vulnerability affects Cognos Analytics (CVE-2016-8960)](<http://www-01.ibm.com/support/docview.wss?uid=swg21993720>) \nJanuary 2017 | [A vulnerability in the GSKit component of Cognos Analytics (CVE-2016-0201)](<http://www-01.ibm.com/support/docview.wss?uid=swg21975045>) \nJanuary 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21996417>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2.2. \n--- \n**Published / Updated**| **Title** \nJuly 2018| [IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=ibm10715641>) \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [A vulnerability in the GSKit library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004075>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-2017)](<http://www.ibm.com/support/docview.wss?uid=swg21976798>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [A vulnerability in IBM Websphere Application Server affects Cognos Metrics Manager (CVE-2016-5983)](<http://www.ibm.com/support/docview.wss?uid=swg21999722>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Business Intelligence Server (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21975044>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Metrics Manager (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974810>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerability exists in GSKit that affects Cognos Metrics Manager (CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701318>) \nApril 2015| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701222>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Metrics Manager (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693182>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2.1. \n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java (CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014- 0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2. \n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager.](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nDecember 2014| [Vulnerability in SSLv3 affects Cognos Metrics Manager (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21687710>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java (CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014- 0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \n\\-->\n\n[{\"Product\":{\"code\":\"SSTSF6\",\"label\":\"IBM Cognos Analytics\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"11.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Product\":{\"code\":\"SSEP7J\",\"label\":\"Cognos Business Intelligence\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"10.2;10.2.1;10.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-19T16:57:09", "type": "ibm", "title": "Security Bulletins - Cognos Analytics and Cognos Business Intelligence", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5784", "CVE-2012-6153", "CVE-2013-2407", "CVE-2013-2450", "CVE-2013-3030", "CVE-2013-4002", "CVE-2013-4034", "CVE-2013-4322", "CVE-2013-5372", "CVE-2013-5802", "CVE-2013-5825", "CVE-2013-6732", "CVE-2013-6747", "CVE-2013-6954", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0107", "CVE-2014-0114", "CVE-2014-0119", "CVE-2014-0224", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0423", "CVE-2014-0460", "CVE-2014-0854", "CVE-2014-0861", "CVE-2014-0878", "CVE-2014-0963", "CVE-2014-1568", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3577", "CVE-2014-4263", "CVE-2014-6145", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8275", "CVE-2014-8730", "CVE-2014-8917", "CVE-2014-9495", "CVE-2015-0138", "CVE-2015-0159", "CVE-2015-0204", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0973", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-1819", "CVE-2015-2017", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-4000", "CVE-2015-4748", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-5312", "CVE-2015-5345", "CVE-2015-7450", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7940", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8472", "CVE-2015-8540", "CVE-2016-0201", "CVE-2016-0398", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0729", "CVE-2016-0762", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2183", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-3705", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-5983", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6816", "CVE-2016-8960"], "modified": "2018-07-19T16:57:09", "id": "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "href": "https://www.ibm.com/support/pages/node/568041", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:02:53", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-8985](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a flaw in the pop_fail_stack function. By using a specially crafted extended regular expression, a remote attacker could cause an assertion failure and application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126591](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126591>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-8984](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8984>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by an out-of-bounds read in the fnmatch function. By using a malformed pattern, a remote attacker could cause the application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126595](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126595>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3426](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426>) \n** DESCRIPTION: **Python pydoc module could allow a remote attacker from within the local network obtain sensitive information. By starting the pydoc server, an attacker could exploit this vulnerability to extract arbitrary files. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2007-3716](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3716>) \n** DESCRIPTION: **Sun JRE (Java Runtime Environment) and JDK (Java Developer's Kit) could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the XML Digital Signature implementation. By sending a specially-crafted XML signature containing a malicious XSLT stylesheet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the application's permissions. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/35332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/35332>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2017-18018](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018>) \n** DESCRIPTION: **GNU Coreutils could allow a local attacker to bypass security restrictions, caused by not preventing replacement of a plain file with a symlink issue in chown-core.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify the ownership of arbitrary files. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-17101](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101>) \n** DESCRIPTION: **LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in cpTags in tools/tiff2bw.c and tools/pal2rgb.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149976>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-10001](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to obtain sensitive information, caused by improper input validation by the CUPS component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to obtain restricted memory information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-35448](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-26927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26927>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in jp2_decode in jp2_dec.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197351](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197351>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the sytem. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2017-13728](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13728>) \n** DESCRIPTION: **GNU ncurses is vulnerable to a denial of service, caused by an error in the next_char function in comp_scan.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7613](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7613>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124513](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124513>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7612](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7612>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in the check_sysv_hash function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124512](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124512>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7611](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7611>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in check_symtab_shndx function in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https:/