Description
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
Affected Software
Related
{"id": "CVE-2021-3468", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-3468", "description": "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "published": "2021-06-02T16:15:00", "modified": "2022-06-07T21:15:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1}, "severity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 1.8, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3468", "reporter": "secalert@redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1939614", "https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html"], "cvelist": ["CVE-2021-3468"], "immutableFields": [], "lastseen": "2022-06-07T23:04:50", "viewCount": 182, "enchantments": {"dependencies": {"references": [{"type": "alpinelinux", 
"idList": ["ALPINE:CVE-2021-3468"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-3468"]}, {"type": "nessus", "idList": ["EULEROS_SA-2021-2352.NASL", "EULEROS_SA-2021-2454.NASL", "EULEROS_SA-2021-2492.NASL", "EULEROS_SA-2021-2757.NASL", "EULEROS_SA-2021-2789.NASL", "EULEROS_SA-2021-2835.NASL", "EULEROS_SA-2021-2885.NASL", "EULEROS_SA-2022-1055.NASL", "EULEROS_SA-2022-1108.NASL", "OPENSUSE-2021-1845.NASL", "OPENSUSE-2021-694.NASL", "SUSE_SU-2021-1493-1.NASL", "SUSE_SU-2021-1493-2.NASL", "SUSE_SU-2021-1494-1.NASL", "SUSE_SU-2021-1494-2.NASL", "SUSE_SU-2021-1845-1.NASL", "UBUNTU_USN-5008-1.NASL", "UBUNTU_USN-5008-2.NASL"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-3468"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0694-1", "OPENSUSE-SU-2021:1845-1"]}, {"type": "ubuntu", "idList": ["USN-5008-1", "USN-5008-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-3468"]}], "rev": 4}, "score": {"value": 3.8, "vector": "NONE"}, "twitter": {"counter": 4, "tweets": [{"link": "https://twitter.com/kawawa_y/status/1412938585762766848", "text": "avahi 0.6-0.8\u306b\u8106\u5f31\u6027\u304b\u3002\nCVE-2021-3468"}, {"link": "https://twitter.com/threatintelctr/status/1534289916099698689", "text": " NEW: CVE-2021-3468 A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work fu... 
(click for more) Severity: MEDIUM https://t.co/3NeXRvD1Bj", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}, {"link": "https://twitter.com/LinInfoSec/status/1534309453767577601", "text": "Debian - CVE-2021-3468: https://t.co/6fctMRBY3q", "author": "LinInfoSec", "author_photo": "https://pbs.twimg.com/profile_images/806629896705507328/nxrtXOrp_400x400.jpg"}]}, "backreferences": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-3468"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-3468"]}, {"type": "nessus", "idList": ["OPENSUSE-2021-1845.NASL", "SUSE_SU-2021-1493-1.NASL", "SUSE_SU-2021-1494-1.NASL", "UBUNTU_USN-5008-1.NASL", "UBUNTU_USN-5008-2.NASL"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-3468"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0694-1", "OPENSUSE-SU-2021:1845-1"]}, {"type": "ubuntu", "idList": ["USN-5008-1", "USN-5008-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-3468"]}]}, "exploitation": null, "vulnersScore": 3.8}, "_state": {"dependencies": 0, "twitter": 1654647993}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:avahi:avahi:0.8"], "cpe23": ["cpe:2.3:a:avahi:avahi:0.8:*:*:*:*:*:*:*"], "cwe": ["CWE-835"], "affectedSoftware": [{"cpeName": "avahi:avahi", "version": "0.8", "operator": "le", "name": "avahi"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:avahi:avahi:0.8:*:*:*:*:*:*:*", "versionStartIncluding": "0.6", "versionEndIncluding": "0.8", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939614", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939614", "refsource": "MISC", "tags": ["Issue Tracking"]}, {"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html", "name": "[debian-lts-announce] 20220607 
[SECURITY] [DLA 3047-1] avahi security update", "refsource": "MLIST", "tags": []}]}
{"nessus": [{"lastseen": "2021-12-30T12:16:24", "description": "According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : avahi (EulerOS-SA-2021-2835)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2021-12-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2835.NASL", "href": "https://www.tenable.com/plugins/nessus/156371", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156371);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/29\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : avahi (EulerOS-SA-2021-2835)\");\n\n script_set_attribute(attribute:\"synopsis\", 
value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2835\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06eac4dc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.6.31-19.h4\",\n \"avahi-autoipd-0.6.31-19.h4\",\n 
\"avahi-glib-0.6.31-19.h4\",\n \"avahi-libs-0.6.31-19.h4\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:02:40", "description": "This update for avahi fixes the following issues :\n\n - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-05-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : avahi (openSUSE-2021-694)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2021-06-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:avahi", "p-cpe:/a:novell:opensuse:avahi-32bit-debuginfo", "p-cpe:/a:novell:opensuse:avahi-autoipd", "p-cpe:/a:novell:opensuse:avahi-autoipd-debuginfo", "p-cpe:/a:novell:opensuse:avahi-compat-howl-devel", "p-cpe:/a:novell:opensuse:avahi-compat-mDNSResponder-devel", "p-cpe:/a:novell:opensuse:avahi-debuginfo", "p-cpe:/a:novell:opensuse:avahi-debugsource", "p-cpe:/a:novell:opensuse:avahi-glib2-debugsource", "p-cpe:/a:novell:opensuse:avahi-lang", "p-cpe:/a:novell:opensuse:avahi-mono", "p-cpe:/a:novell:opensuse:avahi-qt4-debugsource", "p-cpe:/a:novell:opensuse:avahi-utils", "p-cpe:/a:novell:opensuse:avahi-utils-debuginfo", "p-cpe:/a:novell:opensuse:avahi-utils-gtk", "p-cpe:/a:novell:opensuse:avahi-utils-gtk-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-client3", "p-cpe:/a:novell:opensuse:libavahi-client3-32bit", 
"p-cpe:/a:novell:opensuse:libavahi-client3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-client3-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-common3", "p-cpe:/a:novell:opensuse:libavahi-common3-32bit", "p-cpe:/a:novell:opensuse:libavahi-common3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-common3-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-core7", "p-cpe:/a:novell:opensuse:libavahi-core7-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-devel", "p-cpe:/a:novell:opensuse:libavahi-glib-devel", "p-cpe:/a:novell:opensuse:libavahi-glib1", "p-cpe:/a:novell:opensuse:libavahi-glib1-32bit", "p-cpe:/a:novell:opensuse:libavahi-glib1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-glib1-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-gobject-devel", "p-cpe:/a:novell:opensuse:libavahi-gobject0", "p-cpe:/a:novell:opensuse:libavahi-gobject0-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-qt4-1", "p-cpe:/a:novell:opensuse:libavahi-qt4-1-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-qt4-devel", "p-cpe:/a:novell:opensuse:libavahi-ui-gtk3-0", "p-cpe:/a:novell:opensuse:libavahi-ui-gtk3-0-debuginfo", "p-cpe:/a:novell:opensuse:libavahi-ui0", "p-cpe:/a:novell:opensuse:libavahi-ui0-debuginfo", "p-cpe:/a:novell:opensuse:libdns_sd", "p-cpe:/a:novell:opensuse:libdns_sd-32bit", "p-cpe:/a:novell:opensuse:libdns_sd-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdns_sd-debuginfo", "p-cpe:/a:novell:opensuse:libhowl0", "p-cpe:/a:novell:opensuse:libhowl0-debuginfo", "p-cpe:/a:novell:opensuse:python3-avahi", "p-cpe:/a:novell:opensuse:python3-avahi-gtk", "p-cpe:/a:novell:opensuse:typelib-1_0-Avahi-0_6", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-694.NASL", "href": "https://www.tenable.com/plugins/nessus/149612", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-694.\n#\n# The text description of this plugin is (C) SUSE 
LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149612);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/14\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"openSUSE Security Update : avahi (openSUSE-2021-694)\");\n script_summary(english:\"Check for the openSUSE-2021-694 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for avahi fixes the following issues :\n\n - CVE-2021-3468: avoid infinite loop by handling HUP event\n in client_work (bsc#1184521).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1184521\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected avahi packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-autoipd-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-compat-mDNSResponder-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-glib2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-qt4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-utils-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-utils-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-client3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-client3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-client3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-common3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-common3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:libavahi-common3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-core7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-glib1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-glib1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-glib1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-gobject0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-qt4-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-qt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-ui-gtk3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-ui-gtk3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libavahi-ui0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:libdns_sd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdns_sd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdns_sd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libhowl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libhowl0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-avahi-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-Avahi-0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-autoipd-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-autoipd-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-compat-howl-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-compat-mDNSResponder-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-debugsource-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-glib2-debugsource-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-lang-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-utils-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", 
reference:\"avahi-utils-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-utils-gtk-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"avahi-utils-gtk-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-client3-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-client3-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-common3-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-common3-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-core7-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-core7-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-glib-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-glib1-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-glib1-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-gobject-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-gobject0-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-gobject0-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-ui-gtk3-0-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-ui0-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libavahi-ui0-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", 
reference:\"libdns_sd-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdns_sd-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libhowl0-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libhowl0-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-avahi-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-avahi-gtk-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"typelib-1_0-Avahi-0_6-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"avahi-32bit-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"avahi-mono-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"avahi-qt4-debugsource-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-glib1-32bit-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-glib1-32bit-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-qt4-1-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libavahi-qt4-1-debuginfo-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", 
reference:\"libavahi-qt4-devel-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdns_sd-32bit-0.7-lp152.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdns_sd-32bit-debuginfo-0.7-lp152.3.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi-glib2-debugsource / avahi-utils-gtk / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-19T01:34:07", "description": "According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : avahi (EulerOS-SA-2021-2757)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-04-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-2757.NASL", "href": "https://www.tenable.com/plugins/nessus/155529", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155529);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/18\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : avahi (EulerOS-SA-2021-2757)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2757\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?49534732\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-libs-0.7-21.h2.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-13T23:56:59", "description": "According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2022-02-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : avahi (EulerOS-SA-2022-1108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-02-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-gobject", "p-cpe:/a:huawei:euleros:avahi-libs", "p-cpe:/a:huawei:euleros:avahi-ui-gtk3", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2022-1108.NASL", "href": "https://www.tenable.com/plugins/nessus/158027", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158027);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/13\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : avahi (EulerOS-SA-2022-1108)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. 
The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1108\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5b377116\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-autoipd-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-glib-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-gobject-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-libs-0.6.31-19.h4.eulerosv2r7\",\n 
\"avahi-ui-gtk3-0.6.31-19.h4.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-27T12:52:24", "description": "According to the version of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8.\n The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.(CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : avahi (EulerOS-SA-2021-2352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-gobject", "p-cpe:/a:huawei:euleros:avahi-libs", "p-cpe:/a:huawei:euleros:avahi-ui-gtk3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2352.NASL", "href": "https://www.tenable.com/plugins/nessus/153357", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153357);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS 2.0 SP2 : avahi (EulerOS-SA-2021-2352)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the avahi packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8.\n The event used to signal the termination of the client\n connection on the avahi Unix socket is not correctly\n handled in the client_work function, allowing a local\n attacker to trigger an infinite loop. 
The highest\n threat from this vulnerability is to the availability\n of the avahi service, which becomes unresponsive after\n this flaw is triggered.(CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2352\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?184ba923\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"avahi-0.6.31-15.1.h2\",\n \"avahi-autoipd-0.6.31-15.1.h2\",\n \"avahi-glib-0.6.31-15.1.h2\",\n \"avahi-gobject-0.6.31-15.1.h2\",\n \"avahi-libs-0.6.31-15.1.h2\",\n \"avahi-ui-gtk3-0.6.31-15.1.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port 
: 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-25T11:43:53", "description": "According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-09-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : avahi (EulerOS-SA-2021-2454)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2021-09-24T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-devel", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-gobject", "p-cpe:/a:huawei:euleros:avahi-libs", "p-cpe:/a:huawei:euleros:avahi-ui-gtk3", "p-cpe:/a:huawei:euleros:python2-avahi", "p-cpe:/a:huawei:euleros:python3-avahi", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2454.NASL", "href": "https://www.tenable.com/plugins/nessus/153634", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153634);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/24\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS 2.0 SP8 : avahi (EulerOS-SA-2021-2454)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2454\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?359c5e9b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:avahi-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) 
audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.7-16.h8.eulerosv2r8\",\n \"avahi-autoipd-0.7-16.h8.eulerosv2r8\",\n \"avahi-devel-0.7-16.h8.eulerosv2r8\",\n \"avahi-glib-0.7-16.h8.eulerosv2r8\",\n \"avahi-gobject-0.7-16.h8.eulerosv2r8\",\n \"avahi-libs-0.7-16.h8.eulerosv2r8\",\n \"avahi-ui-gtk3-0.7-16.h8.eulerosv2r8\",\n \"python2-avahi-0.7-16.h8.eulerosv2r8\",\n \"python3-avahi-0.7-16.h8.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:09:30", "description": "This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-05-05T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:1493-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:avahi", "p-cpe:/a:novell:suse_linux:avahi-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-autoipd", "p-cpe:/a:novell:suse_linux:avahi-autoipd-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel", "p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel", "p-cpe:/a:novell:suse_linux:avahi-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-debugsource", "p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource", "p-cpe:/a:novell:suse_linux:avahi-utils", "p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-utils-gtk", "p-cpe:/a:novell:suse_linux:avahi-utils-gtk-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-client3", "p-cpe:/a:novell:suse_linux:libavahi-client3-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-common3", "p-cpe:/a:novell:suse_linux:libavahi-common3-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-core7", "p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib1", "p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-gobject-devel", "p-cpe:/a:novell:suse_linux:libavahi-gobject0", "p-cpe:/a:novell:suse_linux:libavahi-gobject0-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3", "p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0-debuginfo", 
"p-cpe:/a:novell:suse_linux:libavahi-ui0", "p-cpe:/a:novell:suse_linux:libavahi-ui0-debuginfo", "p-cpe:/a:novell:suse_linux:libdns_sd", "p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo", "p-cpe:/a:novell:suse_linux:libhowl0", "p-cpe:/a:novell:suse_linux:libhowl0-debuginfo", "p-cpe:/a:novell:suse_linux:python3-avahi", "p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1493-1.NASL", "href": "https://www.tenable.com/plugins/nessus/149268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1493-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149268);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:1493-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in\nclient_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3468/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211493-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6b95a038\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 :\n\nzypper in -t patch\nSUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-1493=1\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2021-1493=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP3 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP3-2021-1493=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP2-2021-1493=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP3 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-1493=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-1493=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-autoipd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhowl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhowl0-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"avahi-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-autoipd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-autoipd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-compat-howl-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-compat-mDNSResponder-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-glib2-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-utils-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-utils-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-utils-gtk-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"avahi-utils-gtk-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-client3-0.7-3.9.1\")) 
flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-client3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-common3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-common3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-core7-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-core7-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-glib-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-glib1-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-glib1-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-gobject-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-gobject0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-gobject0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-ui-gtk3-0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-ui0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libavahi-ui0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libdns_sd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libdns_sd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libhowl0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libhowl0-debuginfo-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLES15\", sp:\"3\", reference:\"python3-avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"typelib-1_0-Avahi-0_6-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-autoipd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-autoipd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-compat-howl-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-compat-mDNSResponder-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-glib2-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-utils-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-utils-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-utils-gtk-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"avahi-utils-gtk-debuginfo-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-client3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-client3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-common3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-common3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-core7-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-core7-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-glib-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-glib1-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-glib1-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-gobject-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-gobject0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-gobject0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-ui-gtk3-0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-ui0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libavahi-ui0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdns_sd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdns_sd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libhowl0-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libhowl0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"typelib-1_0-Avahi-0_6-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"avahi-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-autoipd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-autoipd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-compat-howl-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-compat-mDNSResponder-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-glib2-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-utils-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-utils-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-utils-gtk-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"3\", reference:\"avahi-utils-gtk-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-client3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-client3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-common3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-common3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-core7-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-core7-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-glib-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-glib1-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-glib1-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-gobject-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-gobject0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-gobject0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-ui-gtk3-0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-ui0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libavahi-ui0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libdns_sd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libdns_sd-debuginfo-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libhowl0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libhowl0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"python3-avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"typelib-1_0-Avahi-0_6-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-autoipd-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-autoipd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-compat-howl-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-compat-mDNSResponder-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-glib2-debugsource-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-utils-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-utils-debuginfo-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-utils-gtk-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"avahi-utils-gtk-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-client3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-client3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-common3-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-common3-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-core7-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-core7-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-glib-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-glib1-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-glib1-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-gobject-devel-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-gobject0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-gobject0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-ui-gtk3-0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-ui0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libavahi-ui0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdns_sd-0.7-3.9.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdns_sd-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libhowl0-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libhowl0-debuginfo-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-avahi-0.7-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"typelib-1_0-Avahi-0_6-0.7-3.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-19T01:34:55", "description": "According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : avahi (EulerOS-SA-2021-2789)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-04-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi-libs", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2021-2789.NASL", "href": "https://www.tenable.com/plugins/nessus/155471", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155471);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/18\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : avahi (EulerOS-SA-2021-2789)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2789\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?38d65a3b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-libs-0.7-21.h2.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-13T11:43:50", "description": "According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. 
The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2022-02-12T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : avahi (EulerOS-SA-2022-1055)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-02-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-devel", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-gobject", "p-cpe:/a:huawei:euleros:avahi-libs", "p-cpe:/a:huawei:euleros:avahi-ui-gtk3", "p-cpe:/a:huawei:euleros:python2-avahi", "p-cpe:/a:huawei:euleros:python3-avahi", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-1055.NASL", "href": "https://www.tenable.com/plugins/nessus/157941", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157941);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/12\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : avahi (EulerOS-SA-2022-1055)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1055\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cec45801\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/12\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.7-16.h8.eulerosv2r8\",\n \"avahi-autoipd-0.7-16.h8.eulerosv2r8\",\n \"avahi-devel-0.7-16.h8.eulerosv2r8\",\n \"avahi-glib-0.7-16.h8.eulerosv2r8\",\n \"avahi-gobject-0.7-16.h8.eulerosv2r8\",\n \"avahi-libs-0.7-16.h8.eulerosv2r8\",\n \"avahi-ui-gtk3-0.7-16.h8.eulerosv2r8\",\n \"python2-avahi-0.7-16.h8.eulerosv2r8\",\n \"python3-avahi-0.7-16.h8.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T11:49:11", "description": "According to the versions of the 
avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-09-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : avahi (EulerOS-SA-2021-2492)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2021-09-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-glib", "p-cpe:/a:huawei:euleros:avahi-gobject", "p-cpe:/a:huawei:euleros:avahi-libs", "p-cpe:/a:huawei:euleros:avahi-ui-gtk3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2492.NASL", "href": "https://www.tenable.com/plugins/nessus/153714", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153714);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/27\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS 2.0 SP5 : avahi (EulerOS-SA-2021-2492)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2492\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ecb7312f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/27\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) 
audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-autoipd-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-glib-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-gobject-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-libs-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-ui-gtk3-0.6.31-19.h4.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-07T11:57:10", "description": "According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : avahi (EulerOS-SA-2021-2885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:avahi", "p-cpe:/a:huawei:euleros:avahi-autoipd", "p-cpe:/a:huawei:euleros:avahi-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-2885.NASL", "href": "https://www.tenable.com/plugins/nessus/156494", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156494);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/06\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : avahi (EulerOS-SA-2021-2885)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2885\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3be4f61e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected avahi packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:avahi-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"avahi-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-autoipd-0.6.31-19.h4.eulerosv2r7\",\n \"avahi-libs-0.6.31-19.h4.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-01T00:00:00", "description": "The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as 
referenced in the USN-5008-2 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-08T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Avahi vulnerability (USN-5008-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2021-07-08T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:avahi-autoipd", "p-cpe:/a:canonical:ubuntu_linux:avahi-daemon", "p-cpe:/a:canonical:ubuntu_linux:avahi-discover", "p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd", "p-cpe:/a:canonical:ubuntu_linux:avahi-ui-utils", "p-cpe:/a:canonical:ubuntu_linux:avahi-utils", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common3-udeb", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core7", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core7-udeb", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1", 
"p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui0", "p-cpe:/a:canonical:ubuntu_linux:python-avahi"], "id": "UBUNTU_USN-5008-2.NASL", "href": "https://www.tenable.com/plugins/nessus/151451", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5008-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151451);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/08\");\n\n script_cve_id(\"CVE-2021-3468\");\n script_xref(name:\"USN\", value:\"5008-2\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Avahi vulnerability (USN-5008-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the\nUSN-5008-2 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5008-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-discover\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-ui-utils\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common3-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core7-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-dev\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-avahi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! 
get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'avahi-autoipd', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'avahi-daemon', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'avahi-discover', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'avahi-dnsconfd', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'avahi-ui-utils', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'avahi-utils', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-client-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-client3', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-common-data', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-common-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-common3', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-common3-udeb', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-compat-libdnssd-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-compat-libdnssd1', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-core-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-core7', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-core7-udeb', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-glib-dev', 
'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-glib1', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-gobject-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-gobject0', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-qt4-1', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-qt4-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-ui-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-ui-gtk3-0', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-ui-gtk3-dev', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'libavahi-ui0', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'},\n {'osver': '16.04', 'pkgname': 'python-avahi', 'pkgver': '0.6.32~rc+dfsg-1ubuntu2.3+esm1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'avahi-autoipd / avahi-daemon / avahi-discover / avahi-dnsconfd / etc');\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-23T12:08:49", "description": "The remote SUSE Linux SLES15 host has packages installed 
that are affected by a vulnerability as referenced in the SUSE-SU-2021:1493-2 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-07T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : avahi (SUSE-SU-2021:1493-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:avahi", "p-cpe:/a:novell:suse_linux:avahi-autoipd", "p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel", "p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel", "p-cpe:/a:novell:suse_linux:avahi-lang", "p-cpe:/a:novell:suse_linux:avahi-utils", "p-cpe:/a:novell:suse_linux:avahi-utils-gtk", "p-cpe:/a:novell:suse_linux:libavahi-client3", "p-cpe:/a:novell:suse_linux:libavahi-client3-32bit", "p-cpe:/a:novell:suse_linux:libavahi-common3", "p-cpe:/a:novell:suse_linux:libavahi-common3-32bit", "p-cpe:/a:novell:suse_linux:libavahi-core7", "p-cpe:/a:novell:suse_linux:libavahi-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib1", "p-cpe:/a:novell:suse_linux:libavahi-gobject-devel", "p-cpe:/a:novell:suse_linux:libavahi-gobject0", "p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0", "p-cpe:/a:novell:suse_linux:libavahi-ui0", "p-cpe:/a:novell:suse_linux:libdns_sd", "p-cpe:/a:novell:suse_linux:libhowl0", "p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi-0_6", 
"cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1493-2.NASL", "href": "https://www.tenable.com/plugins/nessus/150306", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1493-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150306);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/21\");\n\n script_cve_id(\"CVE-2021-3468\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1493-2\");\n\n script_name(english:\"SUSE SLES15 Security Update : avahi (SUSE-SU-2021:1493-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:1493-2 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1184521\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/008937.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?119c618e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3468\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhowl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi-0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-lang-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-client3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-common3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n 
{'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-lang-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n 
{'reference':'libavahi-client3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-common3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 
'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n 
{'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-lang-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 
'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-client3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-common3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n 
{'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-lang-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-client3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 
'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-common3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'avahi-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 
'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-autoipd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-compat-howl-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-compat-mDNSResponder-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-lang-0.7-3.9', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-utils-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'avahi-utils-gtk-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-client3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-client3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-common3-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-common3-32bit-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-core7-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-glib-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-glib1-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-gobject-devel-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-gobject0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-ui-gtk3-0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libavahi-ui0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libdns_sd-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'libhowl0-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'typelib-1_0-Avahi-0_6-0.7-3.9', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = 
package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'avahi / avahi-autoipd / avahi-compat-howl-devel / etc');\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:09:31", "description": "This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-05-05T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : avahi (SUSE-SU-2021:1494-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:avahi", "p-cpe:/a:novell:suse_linux:avahi-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-debugsource", "p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource", "p-cpe:/a:novell:suse_linux:avahi-utils", "p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-client3", "p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-common3", "p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-core7", "p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-glib1", "p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo", "p-cpe:/a:novell:suse_linux:libdns_sd", "p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1494-1.NASL", "href": "https://www.tenable.com/plugins/nessus/149273", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1494-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149273);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"SUSE SLES12 Security Update : avahi (SUSE-SU-2021:1494-1)\");\n\n script_set_attribute(attribute:\"synopsis\", 
value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in\nclient_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3468/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211494-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c475923\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP5 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP5-2021-1494=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2021-1494=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1494=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-glib2-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-utils-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"avahi-utils-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-client3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-client3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-client3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-client3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-common3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-common3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-common3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-common3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-core7-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-core7-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-glib1-0.6.32-32.15.1\")) 
flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-glib1-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-glib1-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libavahi-glib1-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libdns_sd-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libdns_sd-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libdns_sd-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libdns_sd-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-27T13:13:19", "description": "This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : avahi (SUSE-SU-2021:1494-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:avahi", "p-cpe:/a:novell:suse_linux:avahi-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-debugsource", "p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource", "p-cpe:/a:novell:suse_linux:avahi-utils", "p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-client3", "p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-common3", "p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-core7", "p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-glib1", "p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo", "p-cpe:/a:novell:suse_linux:libdns_sd", "p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1494-2.NASL", "href": "https://www.tenable.com/plugins/nessus/150274", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1494-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150274);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-3468\");\n\n script_name(english:\"SUSE SLES12 Security Update : avahi (SUSE-SU-2021:1494-2)\");\n\n script_set_attribute(attribute:\"synopsis\", 
value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in\nclient_work (bsc#1184521).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3468/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211494-2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20405f71\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-1494=1\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-1494=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2021-1494=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2021-1494=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2021-1494=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2021-1494=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-1494=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-1494=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL 
:\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-1494=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-1494=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2021-1494=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-glib2-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-utils-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"avahi-utils-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-client3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-client3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-client3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-client3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-common3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-common3-32bit-0.6.32-32.15.1\")) flag++;\nif 
(rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-common3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-common3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-core7-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-core7-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-glib1-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-glib1-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-glib1-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libavahi-glib1-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libdns_sd-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libdns_sd-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libdns_sd-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libdns_sd-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-glib2-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-utils-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"avahi-utils-debuginfo-0.6.32-32.15.1\")) flag++;\nif 
(rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-client3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-client3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-client3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-client3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-common3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-common3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-common3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-common3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-core7-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-core7-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-glib1-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-glib1-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-glib1-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libavahi-glib1-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdns_sd-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdns_sd-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdns_sd-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdns_sd-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", 
reference:\"avahi-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-glib2-debugsource-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-utils-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"avahi-utils-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-client3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-common3-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-core7-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-core7-debuginfo-0.6.32-32.15.1\")) 
flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-glib1-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-glib1-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-glib1-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libavahi-glib1-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdns_sd-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdns_sd-32bit-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdns_sd-debuginfo-0.6.32-32.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdns_sd-debuginfo-32bit-0.6.32-32.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-09T18:16:42", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1845-1 advisory.\n\n - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product. 
(CVE-2021-26720)\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : avahi (openSUSE-SU-2021:1845-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26720", "CVE-2021-3468"], "modified": "2021-07-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python-avahi", "p-cpe:/a:novell:opensuse:python-avahi-gtk", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1845.NASL", "href": "https://www.tenable.com/plugins/nessus/151724", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1845-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151724);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/16\");\n\n script_cve_id(\"CVE-2021-3468\", \"CVE-2021-26720\");\n\n script_name(english:\"openSUSE 15 Security Update : avahi (openSUSE-SU-2021:1845-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1845-1 advisory.\n\n - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via\n /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create\n arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the\n packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product. (CVE-2021-26720)\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180827\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1184521\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YAJ7F7M4LLALLHLSQR7PD7HCTVHGAFMX/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ee6b944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-26720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3468\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-avahi and / or python-avahi-gtk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26720\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-avahi\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-avahi-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'python-avahi-0.6.32-5.13.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-avahi-gtk-0.6.32-5.13.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if 
(!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-avahi / python-avahi-gtk');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T11:53:25", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5008-1 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\n - A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability. 
(CVE-2021-3502)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-08T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Avahi vulnerabilities (USN-5008-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3468", "CVE-2021-3502"], "modified": "2021-07-08T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "cpe:/o:canonical:ubuntu_linux:21.04", "p-cpe:/a:canonical:ubuntu_linux:avahi-autoipd", "p-cpe:/a:canonical:ubuntu_linux:avahi-daemon", "p-cpe:/a:canonical:ubuntu_linux:avahi-discover", "p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd", "p-cpe:/a:canonical:ubuntu_linux:avahi-ui-utils", "p-cpe:/a:canonical:ubuntu_linux:avahi-utils", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-avahi-0.6", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common3-udeb", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core7", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core7-udeb", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-dev", 
"p-cpe:/a:canonical:ubuntu_linux:python-avahi", "p-cpe:/a:canonical:ubuntu_linux:python3-avahi"], "id": "UBUNTU_USN-5008-1.NASL", "href": "https://www.tenable.com/plugins/nessus/151452", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5008-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151452);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/08\");\n\n script_cve_id(\"CVE-2021-3468\", \"CVE-2021-3502\");\n script_xref(name:\"USN\", value:\"5008-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Avahi vulnerabilities (USN-5008-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5008-1 advisory.\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\n - A flaw was found in avahi 0.8-5. 
A reachable assertion is present in avahi_s_host_name_resolver_start\n function allowing a local attacker to crash the avahi service by requesting hostname resolutions through\n the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to\n the service availability. (CVE-2021-3502)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5008-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3502\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-autoipd\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-discover\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-ui-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-avahi-0.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common3-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core7-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-ui-gtk3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-avahi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10|21\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10 / 21.04', 'Ubuntu ' + release);\nif ( ! 
get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'avahi-autoipd', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'avahi-daemon', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'avahi-discover', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'avahi-dnsconfd', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'avahi-ui-utils', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'avahi-utils', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'gir1.2-avahi-0.6', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-client-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-client3', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-common-data', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-common-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-common3', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-common3-udeb', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-compat-libdnssd-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-compat-libdnssd1', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-core-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-core7', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-core7-udeb', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-glib-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-glib1', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 
'libavahi-gobject-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-gobject0', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-ui-gtk3-0', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libavahi-ui-gtk3-dev', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'python-avahi', 'pkgver': '0.7-3.1ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'avahi-autoipd', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'avahi-daemon', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'avahi-discover', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'avahi-dnsconfd', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'avahi-ui-utils', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'avahi-utils', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'gir1.2-avahi-0.6', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-client-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-client3', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-common-data', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-common-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-common3', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-common3-udeb', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-compat-libdnssd-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-compat-libdnssd1', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-core-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-core7', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-core7-udeb', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-glib-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-glib1', 
'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-gobject-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-gobject0', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-ui-gtk3-0', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'libavahi-ui-gtk3-dev', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.04', 'pkgname': 'python-avahi', 'pkgver': '0.7-4ubuntu7.1'},\n {'osver': '20.10', 'pkgname': 'avahi-autoipd', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'avahi-daemon', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'avahi-discover', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'avahi-dnsconfd', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'avahi-ui-utils', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'avahi-utils', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'gir1.2-avahi-0.6', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-client-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-client3', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-common-data', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-common-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-common3', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-compat-libdnssd-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-compat-libdnssd1', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-core-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-core7', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-glib-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-glib1', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-gobject-dev', 'pkgver': '0.8-3ubuntu1.1'},\n 
{'osver': '20.10', 'pkgname': 'libavahi-gobject0', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-ui-gtk3-0', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'libavahi-ui-gtk3-dev', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '20.10', 'pkgname': 'python3-avahi', 'pkgver': '0.8-3ubuntu1.1'},\n {'osver': '21.04', 'pkgname': 'avahi-autoipd', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'avahi-daemon', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'avahi-discover', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'avahi-dnsconfd', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'avahi-ui-utils', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'avahi-utils', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'gir1.2-avahi-0.6', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-client-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-client3', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-common-data', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-common-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-common3', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-compat-libdnssd-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-compat-libdnssd1', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-core-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-core7', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-glib-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-glib1', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-gobject-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-gobject0', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 
'libavahi-ui-gtk3-0', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'libavahi-ui-gtk3-dev', 'pkgver': '0.8-5ubuntu3.1'},\n {'osver': '21.04', 'pkgname': 'python3-avahi', 'pkgver': '0.8-5ubuntu3.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'avahi-autoipd / avahi-daemon / avahi-discover / avahi-dnsconfd / etc');\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-10T05:08:01", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3047 advisory.\n\n - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product. (CVE-2021-26720)\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-06-08T00:00:00", "type": "nessus", "title": "Debian DLA-3047-1 : avahi - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26720", "CVE-2021-3468"], "modified": "2022-06-08T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-autoipd:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-daemon:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-discover:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-dnsconfd:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-ui-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:avahi-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-client-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-client3:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-common-data:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-common-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-common3:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-compat-libdnssd-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-compat-libdnssd1:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-core-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-core7:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-glib-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-glib1:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-gobject-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-gobject0:*:*:*:*:*:*:*", 
"p-cpe:2.3:a:debian:debian_linux:libavahi-qt4-1:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-qt4-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-ui-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-ui-gtk3-0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-ui-gtk3-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libavahi-ui0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:python-avahi:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-3047.NASL", "href": "https://www.tenable.com/plugins/nessus/161940", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3047. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161940);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/08\");\n\n script_cve_id(\"CVE-2021-3468\", \"CVE-2021-26720\");\n\n script_name(english:\"Debian DLA-3047-1 : avahi - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3047 advisory.\n\n - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via\n /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create\n arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the\n packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product. (CVE-2021-26720)\n\n - A flaw was found in avahi in versions 0.6 up to 0.8. 
The event used to signal the termination of the\n client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing\n a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the\n availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n (CVE-2021-3468)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/avahi\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-26720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/avahi\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the avahi packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 0.6.32-2+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26720\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/17\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-discover\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-dnsconfd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-ui-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-client-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-common-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-common-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-compat-libdnssd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-compat-libdnssd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-core-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:libavahi-gobject-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-qt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-ui-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-ui-gtk3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-ui-gtk3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'avahi-autoipd', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'avahi-daemon', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'avahi-discover', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'avahi-dnsconfd', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'avahi-ui-utils', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'avahi-utils', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-client-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-client3', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-common-data', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-common-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-common3', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-compat-libdnssd-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-compat-libdnssd1', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-core-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-core7', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-glib-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-glib1', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-gobject-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-gobject0', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-qt4-1', 
'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-qt4-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-ui-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-ui-gtk3-0', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-ui-gtk3-dev', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'libavahi-ui0', 'reference': '0.6.32-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-avahi', 'reference': '0.6.32-2+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'avahi-autoipd / avahi-daemon / avahi-discover / avahi-dnsconfd / etc');\n}\n", "cvss": {"score": 4.6, "vector": "CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-09T19:43:00", "description": "This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).\n\nCVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827)\n\nUpdate avahi-daemon-check-dns.sh from Debian. 
Our previous version relied on ifconfig, route, and init.d.\n\nAdd sudo to requires: used to drop privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : avahi (SUSE-SU-2021:1845-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26720", "CVE-2021-3468"], "modified": "2021-06-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:avahi", "p-cpe:/a:novell:suse_linux:avahi-autoipd", "p-cpe:/a:novell:suse_linux:avahi-autoipd-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel", "p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel", "p-cpe:/a:novell:suse_linux:avahi-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-debugsource", "p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource", "p-cpe:/a:novell:suse_linux:avahi-utils", "p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo", "p-cpe:/a:novell:suse_linux:avahi-utils-gtk", "p-cpe:/a:novell:suse_linux:avahi-utils-gtk-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-client3", "p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-common3", "p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-core7", "p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib-devel", "p-cpe:/a:novell:suse_linux:libavahi-glib1", "p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-gobject-devel", "p-cpe:/a:novell:suse_linux:libavahi-gobject0", "p-cpe:/a:novell:suse_linux:libavahi-gobject0-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3", 
"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0-debuginfo", "p-cpe:/a:novell:suse_linux:libavahi-ui0", "p-cpe:/a:novell:suse_linux:libavahi-ui0-debuginfo", "p-cpe:/a:novell:suse_linux:libdns_sd", "p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo", "p-cpe:/a:novell:suse_linux:libhowl0", "p-cpe:/a:novell:suse_linux:libhowl0-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1845-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150267", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1845-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150267);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/08\");\n\n script_cve_id(\"CVE-2021-26720\", \"CVE-2021-3468\");\n\n script_name(english:\"SUSE SLES15 Security Update : avahi (SUSE-SU-2021:1845-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for avahi fixes the following issues :\n\nCVE-2021-3468: avoid infinite loop by handling HUP event in\nclient_work (bsc#1184521).\n\nCVE-2021-26720: drop privileges when invoking\navahi-daemon-check-dns.sh (bsc#1180827)\n\nUpdate avahi-daemon-check-dns.sh from Debian. Our previous version\nrelied on ifconfig, route, and init.d.\n\nAdd sudo to requires: used to drop privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1180827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-26720/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-3468/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211845-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d812da1b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-1845=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2021-1845=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2021-1845=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2021-1845=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", 
value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-autoipd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-autoipd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-compat-mDNSResponder-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-glib2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:avahi-utils-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-client3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-common3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-core7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libavahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-glib1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-gobject0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui-gtk3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libavahi-ui0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns_sd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhowl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhowl0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 
and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-autoipd-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-autoipd-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-compat-howl-devel-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-compat-mDNSResponder-devel-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-debugsource-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-glib2-debugsource-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-utils-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-utils-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-utils-gtk-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"avahi-utils-gtk-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-client3-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-client3-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-common3-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-common3-debuginfo-0.6.32-5.13.1\")) 
flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-core7-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-core7-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-devel-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-glib-devel-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-glib1-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-glib1-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-gobject-devel-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-gobject0-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-gobject0-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-ui-gtk3-0-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-ui-gtk3-0-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-ui0-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libavahi-ui0-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libdns_sd-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libdns_sd-debuginfo-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libhowl0-0.6.32-5.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libhowl0-debuginfo-0.6.32-5.13.1\")) 
flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"typelib-1_0-Avahi-0_6-0.6.32-5.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T11:09:49", "description": "A flaw was found in avahi. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-26T14:06:34", "type": "redhatcve", "title": "CVE-2021-3468", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": 
"2022-06-08T08:14:41", "id": "RH:CVE-2021-3468", "href": "https://access.redhat.com/security/cve/cve-2021-3468", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-01-31T11:31:19", "description": "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to\nsignal the termination of the client connection on the avahi Unix socket is\nnot correctly handled in the client_work function, allowing a local\nattacker to trigger an infinite loop. The highest threat from this\nvulnerability is to the availability of the avahi service, which becomes\nunresponsive after this flaw is triggered.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1939614#c3>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2021-07-06, the proposed patch has not been commited upstream\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-06-02T00:00:00", "type": "ubuntucve", "title": "CVE-2021-3468", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], 
"modified": "2021-06-02T00:00:00", "id": "UB:CVE-2021-3468", "href": "https://ubuntu.com/security/CVE-2021-3468", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2022-02-09T23:43:31", "description": "USN-5008-1 fixed a vulnerability in avahi. This update provides \nthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.\n\nOriginal advisory details:\n\nThomas Kremer discovered that Avahi incorrectly handled termination signals \non the Unix socket. A local attacker could possibly use this issue to cause \nAvahi to hang, resulting in a denial of service.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-07-07T00:00:00", "type": "ubuntu", "title": "Avahi vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-07-07T00:00:00", "id": "USN-5008-2", "href": "https://ubuntu.com/security/notices/USN-5008-2", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-27T03:42:40", "description": "Thomas Kremer discovered that Avahi incorrectly handled termination signals \non the Unix socket. 
A local attacker could possibly use this issue to cause \nAvahi to hang, resulting in a denial of service. This issue only affected \nUbuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3468)\n\nIt was discovered that Avahi incorrectly handled certain hostnames. A local \nattacker could possibly use this issue to cause Avahi to crash, resulting \nin a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu \n21.04. (CVE-2021-3502)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-07-07T00:00:00", "type": "ubuntu", "title": "Avahi vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3502", "CVE-2021-3468"], "modified": "2021-07-07T00:00:00", "id": "USN-5008-1", "href": "https://ubuntu.com/security/notices/USN-5008-1", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "alpinelinux": [{"lastseen": "2022-05-23T19:31:44", "description": "A flaw was found in avahi in versions 0.6 up to 0.8. 
The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-02T16:15:00", "type": "alpinelinux", "title": "CVE-2021-3468", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-06-09T20:03:00", "id": "ALPINE:CVE-2021-3468", "href": "https://security.alpinelinux.org/vuln/CVE-2021-3468", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-06-10T17:05:13", "description": "avahi is vulnerable to denial of service. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. 
\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-22T16:34:49", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2022-06-07T22:20:15", "id": "VERACODE:31021", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-31021/summary", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-06-13T19:59:41", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for avahi fixes the following issues:\n\n - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work\n (bsc#1184521).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-694=1", "cvss3": {"exploitabilityScore": 1.8, 
"cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-09T00:00:00", "type": "suse", "title": "Security update for avahi (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-05-09T00:00:00", "id": "OPENSUSE-SU-2021:0694-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VCPLDL2TVAMUG4CYPGSPUHQ3KJXENCPN/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T12:40:19", "description": "An update that fixes two vulnerabilities is now available.\n\nDescription:\n\n This update for avahi fixes the following issues:\n\n - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work\n (bsc#1184521).\n - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh\n (bsc#1180827)\n - Update avahi-daemon-check-dns.sh from Debian. 
Our previous version\n relied on ifconfig, route, and init.d.\n - Add sudo to requires: used to drop privileges.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2021-1845=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-11T00:00:00", "type": "suse", "title": "Security update for avahi (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26720", "CVE-2021-3468"], "modified": "2021-07-11T00:00:00", "id": "OPENSUSE-SU-2021:1845-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YAJ7F7M4LLALLHLSQR7PD7HCTVHGAFMX/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:05:41", "description": "0.8-alt2 built April 30, 2021 Vitaly Lipatov in task [#270905](<https://git.altlinux.org/tasks/270905/>) \n--- \nApril 28, 2021 Sergey Bolshakov \n \n \n - 
avoid infinite-loop in avahi-daemon (closes: [#39357](<https://bugzilla.altlinux.org/39357>)) (fixes: CVE-2021-3468)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-30T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package avahi version 0.8-alt2", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-04-30T00:00:00", "id": "1DAB06E67DE90D1446B923DB5F5E6FE8", "href": "https://packages.altlinux.org/en/p9/srpms/avahi/2661204230655064032", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-06-11T05:58:20", "description": "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. 
The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-02T16:15:00", "type": "debiancve", "title": "CVE-2021-3468", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-06-02T16:15:00", "id": "DEBIANCVE:CVE-2021-3468", "href": "https://security-tracker.debian.org/tracker/CVE-2021-3468", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "Avoid infinite loop by handling HUP event in client_work. 
(CVE-2021-3468) \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-16T20:54:14", "type": "mageia", "title": "Updated avahi packages fix a security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3468"], "modified": "2021-05-16T20:54:14", "id": "MGASA-2021-0212", "href": "https://advisories.mageia.org/MGASA-2021-0212.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2022-06-08T06:48:20", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-3047-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nJune 07, 2022 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : avahi\nVersion : 0.6.32-2+deb9u1\nCVE ID : CVE-2021-3468 CVE-2021-26720\nDebian Bug : 984938\n\nIt was discovered that the Debian package of Avahi, a framework for Multicast\nDNS Service Discovery, executed the script avahi-daemon-check-dns.sh with root\nprivileges which would allow a local attacker to cause a denial of 
service or\ncreate arbitrary empty files via a symlink attack on files under\n/var/run/avahi-daemon. This script is now executed with the privileges of user\nand group avahi and requires sudo in order to achieve that.\n\nThe aforementioned script has been removed from Debian 10 "Buster" onwards. The\nworkaround could not be implemented for Debian 9 "Stretch" because libnss-mdns\n0.10 does not provide the required functionality to replace it.\n\nFurthermore it was found (CVE-2021-3468) that the event used to signal the\ntermination of the client connection on the avahi Unix socket is not correctly\nhandled in the client_work function, allowing a local attacker to trigger an\ninfinite loop. \n\nFor Debian 9 stretch, these problems have been fixed in version\n0.6.32-2+deb9u1.\n\nWe recommend that you upgrade your avahi packages.\n\nFor the detailed security status of avahi please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/avahi\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-07T18:23:35", "type": "debian", "title": "[SECURITY] [DLA 3047-1] avahi security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", 
"confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26720", "CVE-2021-3468"], "modified": "2022-06-07T18:23:35", "id": "DEBIAN:DLA-3047-1:81DC3", "href": "https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}