ID SOL17331 Type f5 Reporter f5 Modified 2015-09-29T00:00:00
Description
Recommended Action
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4918: Overview of the F5 critical issue hotfix policy
{"reporter": "f5", "published": "2015-09-29T00:00:00", "cvelist": ["CVE-2015-5073"], "title": "SOL17331 - PCRE library vulnerability CVE-2015-5073", "objectVersion": "1.2", "type": "f5", "hash": "11dde033a7a550f2f2a6769c1d968fe0aa71cc9ce1cb65f389c9abf297df5582", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17331.html", "bulletinFamily": "software", "hashmap": [{"hash": "e2331c42c0783a4eadff85a8b28dd7d4", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "0c8da25764e5f17ac6437313f821ff5c", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f1cd1cb9b70a35b40991606931649167", "key": "description"}, {"hash": "99511b7578d8801b962e1002d5d088eb", "key": "href"}, {"hash": "311fe06b3cf4192127ad9986f2239f2a", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "311fe06b3cf4192127ad9986f2239f2a", "key": "published"}, {"hash": "d708145dea38455a229de4cb2bf9c70e", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "fab8045e3e3497096af685ff69c7c6a6", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"score": {"value": 4.6, "vector": "NONE", "modified": "2016-09-26T17:22:56", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-5073"]}, {"type": "f5", "idList": ["F5:K17331"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105322", "OPENVAS:1361412562310871620", "OPENVAS:1361412562310869768", "OPENVAS:1361412562310842393", "OPENVAS:1361412562310140179", "OPENVAS:1361412562310869869", "OPENVAS:1361412562310130110", "OPENVAS:1361412562310882492", "OPENVAS:1361412562310869746", "OPENVAS:1361412562311220201654"]}, {"type": "nessus", "idList": ["FEDORA_2015-11019.NASL", "EULEROS_SA-2020-1654.NASL", "SL_20160511_PCRE_ON_SL7_X.NASL", "FEDORA_2015-11027.NASL", "F5_BIGIP_SOL17331.NASL", "REDHAT-RHSA-2016-1025.NASL", "UBUNTU_USN-2694-1.NASL", "OPENSUSE-2016-1303.NASL", "FREEBSD_PKG_8A1D0E631E0711E5B43D002590263BF5.NASL", "EULEROS_SA-2016-1023.NASL"]}, {"type": "freebsd", "idList": ["8A1D0E63-1E07-11E5-B43D-002590263BF5"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14615", "SECURITYVULNS:DOC:32379"]}, {"type": "ubuntu", "idList": ["USN-2943-1", "USN-2694-1"]}, {"type": "redhat", "idList": ["RHSA-2016:1132", "RHSA-2016:2750", "RHSA-2016:1025"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-1025"]}, {"type": "centos", "idList": ["CESA-2016:1025"]}, {"type": "gentoo", "idList": ["GLSA-201607-02"]}, {"type": "suse", "idList": ["SUSE-SU-2017:2699-1", "SUSE-SU-2017:2700-1"]}], "modified": "2016-09-26T17:22:56", "rev": 2}, "vulnersScore": 4.6}, "modified": "2015-09-29T00:00:00", "viewCount": 0, "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "affectedSoftware": [{"operator": "le", "name": "BIG-IP PSM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP AAM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP AFM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP APM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IQ Device", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP GTM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP PEM", "version": "11.6.0"}, {"operator": "le", "name": "Enterprise Manager", "version": "3.1.1"}, {"operator": "le", "name": "BIG-IP APM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP DNS\n", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Analytics", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "11.3.0"}, {"operator": "le", "name": "BIG-IP Analytics", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP ASM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "11.3.0"}, {"operator": "le", "name": "Traffix SDC", "version": "4.4.0"}, {"operator": "le", "name": "BIG-IP LTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP PSM", "version": "11.4.1"}, {"operator": "le", "name": "BIG-IP LTM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP AAM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP ASM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP PEM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP AFM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IQ Cloud", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP APM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP WOM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IQ Security", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP GTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP LTM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IQ ADC", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP WOM", "version": "11.3.0"}, {"operator": "le", "name": "ARX", "version": "6.4.0"}, {"operator": "le", "name": "Traffix SDC", "version": "3.5.1"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP ASM", "version": "12.0.0"}], "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL17331", "lastseen": "2016-09-26T17:22:56", "description": "Recommended Action\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n"}
{"cve": [{"lastseen": "2019-05-29T18:14:42", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.", "modified": "2018-05-18T01:29:00", "id": "CVE-2015-5073", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073", "published": "2016-12-13T16:59:00", "title": "CVE-2015-5073", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "f5": [{"lastseen": "2020-04-06T22:40:50", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 548295 (BIG-IP), ID 548541 (BIG-IQ), ID548542 (Enterprise Manager), and ID 541509 (ARX) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H548643 on the **Diagnostics** >** Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 \n11.6.0 - 11.6.1 \n11.0.0 - 11.5.4 \n10.1.0 - 10.2.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP AAM | 12.0.0 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP AFM | 12.0.0 \n11.6.0 - 11.6.1 \n11.3.0 - 11.5.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP Analytics | 12.0.0 \n11.6.0 - 11.6.1 \n11.0.0 - 11.5.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP APM | 12.0.0 \n11.6.0 - 11.6.1 \n11.0.0 - 11.5.4 \n10.1.0 - 10.2.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP ASM | 12.0.0 \n11.6.0 - 11.6.1 \n11.0.0 - 11.5.4 \n10.1.0 - 10.2.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP DNS | 12.0.0 | 13.0.0 \n12.1.0 | Medium | PCRE library \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | PCRE library \nBIG-IP GTM | 11.0.0 - 11.6.1 \n10.1.0 - 10.2.4 | None | Medium | PCRE library \nBIG-IP Link Controller | 12.0.0 \n11.6.0 - 11.6.1 \n11.0.0 - 11.5.4 \n10.1.0 - 10.2.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP PEM | 12.0.0 \n11.6.0 - 11.6.1 \n11.3.0 - 11.5.4 | 13.0.0 \n12.1.0 \n11.6.2 \n11.5.5 | Medium | PCRE library \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | None | Medium | PCRE library \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | PCRE library \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | PCRE library \nARX | 6.0.0 - 6.4.0 | None | Low | PCRE library \nEnterprise Manager | 3.0.0 - 3.1.1 | None | Medium | PCRE library \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Medium | PCRE library \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Medium | PCRE library \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Medium | PCRE library \nBIG-IQ ADC | 4.5.0 | None | Medium | PCRE library \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nBIG-IP WebSafe | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 13.0.0 | Medium | PCRE library \nTraffix SDC | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | None | Low | PCRE library\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2019-02-14T20:27:00", "published": "2015-09-29T10:24:00", "id": "F5:K17331", "href": "https://support.f5.com/csp/article/K17331", "title": "PCRE library vulnerability CVE-2015-5073", "type": "f5", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "openvas": [{"lastseen": "2020-04-07T18:25:32", "bulletinFamily": "scanner", "description": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.", "modified": "2020-04-03T00:00:00", "published": "2017-03-07T00:00:00", "id": "OPENVAS:1361412562310140179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140179", "title": "F5 BIG-IP - PCRE library vulnerability CVE-2015-5073", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# F5 BIG-IP - PCRE library vulnerability CVE-2015-5073\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.140179\");\n script_cve_id(\"CVE-2015-5073\", \"CVE-2016-9244\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_version(\"2020-04-03T06:15:47+0000\");\n\n script_name(\"F5 BIG-IP - PCRE library vulnerability CVE-2015-5073\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/csp/article/K17331\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.\");\n\n script_tag(name:\"impact\", value:\"A local, authenticated attacker may be able to provide malicious input in the configuration to exploit this vulnerability. There is no data plane exposure to this issue.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-03 06:15:47 +0000 (Fri, 03 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-07 10:27:32 +0100 (Tue, 07 Mar 2017)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '12.0.0-12.1.2;11.0.0-11.6.1;10.1.0-10.2.4;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['AAM'] = make_array( 'affected', '12.0.0-12.1.2;11.4.0-11.6.1;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['AFM'] = make_array( 'affected', '12.0.0-12.1.2;11.3.0-11.6.1;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['AVR'] = make_array( 'affected', '12.0.0-12.1.2;11.0.0-11.6.1;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['APM'] = make_array( 'affected', '12.0.0-12.1.2;11.0.0-11.6.1;10.1.0-10.2.4;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['ASM'] = make_array( 'affected', '12.0.0-12.1.2;11.0.0-11.6.1;10.1.0-10.2.4;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['LC'] = make_array( 'affected', '12.0.0;11.0.0-11.6.1;10.1.0-10.2.4;',\n 'unaffected', '13.0.0;' );\n\ncheck_f5['PEM'] = make_array( 'affected', '12.0.0-12.1.2;11.3.0-11.6.1;',\n 'unaffected', '13.0.0;' );\n\nif( report = f5_is_vulnerable( ca:check_f5, version:version ) ) {\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:19", "bulletinFamily": "scanner", "description": "IPFire 2.17 - Core Update 93 fixes multiple security vulnerabilities.", "modified": "2018-10-26T00:00:00", "published": "2015-08-18T00:00:00", "id": "OPENVAS:1361412562310105322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105322", "title": "IPFire 2.17 - Core Update 93", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ipfire_2_17_core_93.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# IPFire 2.17 - Core Update 93\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105322\");\n script_cve_id(\"CVE-2015-5073\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_version(\"$Revision: 12106 $\");\n\n script_name(\"IPFire 2.17 - Core Update 93\");\n\n script_xref(name:\"URL\", value:\"http://www.ipfire.org/news/ipfire-2-17-core-update-93-released\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"IPFire 2.17 - Core 93 comes with various security fixes in the Squid web proxy, the dnsmasq DNS proxy\nserver and the Perl-compatible regular expressions library.\");\n\n script_tag(name:\"solution\", value:\"Update to IPFire 2.17 - Core Update 93\");\n script_tag(name:\"summary\", value:\"IPFire 2.17 - Core Update 93 fixes multiple security vulnerabilities.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 13:36:54 +0200 (Tue, 18 Aug 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ipfire/system-release\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nif( ! rls = get_kb_item( \"ipfire/system-release\" ) ) exit( 0 );\nif( \"IPFire\" >!< rls ) exit( 0 );\n\nvers = eregmatch( pattern:'IPFire ([0-9.]+[^ ]*)', string:rls );\nif( ! isnull( vers[1] ) ) version = vers[1];\n\nif( ! version ) exit( 0 );\n\nc = eregmatch( pattern:'core([0-9]+)', string:rls );\nif( ! isnull( c[1] ) )\n core = c[1];\nelse\n core = 0;\n\nchk_version = version + '.' + core;\n\nif( version_is_less( version:chk_version, test_version: \"2.17.93\" ) )\n{\n report = 'Installed version: ' + version + ' core' + core +'\\n' +\n 'Fixed version: 2.17 core93\\n';\n\n security_message( data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:08", "bulletinFamily": "scanner", "description": "Mageia Linux Local Security Checks mgasa-2015-0267", "modified": "2018-09-28T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310130110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130110", "title": "Mageia Linux Local Check: mgasa-2015-0267", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0267.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130110\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:50 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0267\");\n script_tag(name:\"insight\", value:\"PCRE library is prone to a vulnerability which leads to Heap Overflow. During subpattern calculation of a malformed regular expression, an offset that is used as an array index is fully controlled and can be large enough so that unexpected heap memory regions are accessed (CVE-2015-5073).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0267.html\");\n script_cve_id(\"CVE-2015-5073\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0267\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.37~2.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-08-14T00:00:00", "id": "OPENVAS:1361412562310869869", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869869", "title": "Fedora Update for pcre FEDORA-2015-12921", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcre FEDORA-2015-12921\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869869\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-14 05:33:52 +0200 (Fri, 14 Aug 2015)\");\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-5073\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for pcre FEDORA-2015-12921\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"pcre on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-12921\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-August/163731.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.37~3.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-14T00:00:00", "id": "OPENVAS:1361412562310869746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869746", "title": "Fedora Update for pcre FEDORA-2015-11027", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcre FEDORA-2015-11027\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869746\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-14 06:37:01 +0200 (Tue, 14 Jul 2015)\");\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-5073\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for pcre FEDORA-2015-11027\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"pcre on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11027\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161753.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.37~2.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:46", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-18T00:00:00", "id": "OPENVAS:1361412562310869768", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869768", "title": "Fedora Update for pcre FEDORA-2015-11019", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcre FEDORA-2015-11019\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869768\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-18 06:25:29 +0200 (Sat, 18 Jul 2015)\");\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-5073\", \"CVE-2014-8964\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for pcre FEDORA-2015-11019\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"pcre on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11019\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162120.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.35~12.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-28T16:47:23", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-28T00:00:00", "published": "2015-07-30T00:00:00", "id": "OPENVAS:1361412562310842393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842393", "title": "Ubuntu Update for pcre3 USN-2694-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for pcre3 USN-2694-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842393\");\n script_version(\"2020-01-28T08:10:01+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 08:10:01 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-30 05:15:02 +0200 (Thu, 30 Jul 2015)\");\n script_cve_id(\"CVE-2014-8964\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3210\",\n \"CVE-2015-5073\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for pcre3 USN-2694-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Michele Spagnuolo discovered that PCRE\nincorrectly handled certain regular expressions. A remote attacker could use this\nissue to cause applications using PCRE to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause applications\nusing PCRE to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause applications\nusing PCRE to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause applications\nusing PCRE to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 12.04 LTS and 14.04 LTS.\n(CVE-2015-5073)\");\n script_tag(name:\"affected\", value:\"pcre3 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2694-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2694-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcre3:amd64\", ver:\"1:8.31-2ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libpcre3:i386\", ver:\"1:8.31-2ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcre3\", ver:\"8.12-4ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-17T15:53:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-06-16T00:00:00", "published": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201654", "title": "Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2020-1654)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1654\");\n script_version(\"2020-06-16T05:48:25+0000\");\n script_cve_id(\"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2019-12450\", \"CVE-2019-13012\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:48:25 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:48:25 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2020-1654)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1654\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1654\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'glib2' package(s) announced via the EulerOS-SA-2020-1654 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\\\.<pipe>([^\\\\\\\\W_])?)+)+$/.(CVE-2015-3217)\n\nHeap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.(CVE-2015-5073)\n\nThe keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb-dir, NULL, NULL) and files using g_file_replace_contents (kfsb-file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used, for files, default file permissions are used. This is similar to CVE-2019-12450.(CVE-2019-13012)\n\nfile_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.(CVE-2019-12450)\");\n\n script_tag(name:\"affected\", value:\"'glib2' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.50.3~3.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.50.3~3.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:33", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-06-03T00:00:00", "id": "OPENVAS:1361412562310871620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871620", "title": "RedHat Update for pcre RHSA-2016:1025-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for pcre RHSA-2016:1025-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871620\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-03 16:25:10 +0530 (Fri, 03 Jun 2016)\");\n script_cve_id(\"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8385\",\n \"CVE-2015-8386\", \"CVE-2015-8388\", \"CVE-2015-8391\", \"CVE-2016-3191\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for pcre RHSA-2016:1025-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PCRE is a Perl-compatible regular expression\nlibrary.\n\nSecurity Fix(es):\n\n * Multiple flaws were found in the way PCRE handled malformed regular\nexpressions. An attacker able to make an application using PCRE process a\nspecially crafted regular expression could use these flaws to cause the\napplication to crash or, possibly, execute arbitrary code. (CVE-2015-8385,\nCVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388,\nCVE-2015-8391, CVE-2015-8386)\");\n script_tag(name:\"affected\", value:\"pcre on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:1025-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-May/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.32~15.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcre-debuginfo\", rpm:\"pcre-debuginfo~8.32~15.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcre-devel\", rpm:\"pcre-devel~8.32~15.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-01-27T18:33:58", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161023", "title": "Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2016-1023)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1023\");\n script_version(\"2020-01-23T10:38:33+0000\");\n script_cve_id(\"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8388\", \"CVE-2015-8391\", \"CVE-2016-3191\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:38:33 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:38:33 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2016-1023)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1023\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1023\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'pcre' package(s) announced via the EulerOS-SA-2016-1023 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\");\n\n script_tag(name:\"affected\", value:\"'pcre' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.32~15.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcre-devel\", rpm:\"pcre-devel~8.32~15.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "nessus": [{"lastseen": "2020-08-01T01:34:12", "bulletinFamily": "scanner", "description": "Heap-based buffer overflow in the find_fixedlength function in\npcre_compile.c in PCRE before 8.38 allows remote attackers to cause a\ndenial of service (crash) or obtain sensitive information from heap\nmemory and possibly bypass the ASLR protection mechanism via a crafted\nregular expression with an excess closing parenthesis. (CVE-2015-5073)", "modified": "2020-08-02T00:00:00", "id": "F5_BIGIP_SOL17331.NASL", "href": "https://www.tenable.com/plugins/nessus/97531", "published": "2017-03-06T00:00:00", "title": "F5 Networks BIG-IP : PCRE library vulnerability (K17331)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K17331.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97531);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2019/02/15 9:26:24\");\n\n script_cve_id(\"CVE-2015-5073\");\n script_bugtraq_id(75430);\n\n script_name(english:\"F5 Networks BIG-IP : PCRE library vulnerability (K17331)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Heap-based buffer overflow in the find_fixedlength function in\npcre_compile.c in PCRE before 8.38 allows remote attackers to cause a\ndenial of service (crash) or obtain sensitive information from heap\nmemory and possibly bypass the ASLR protection mechanism via a crafted\nregular expression with an excess closing parenthesis. (CVE-2015-5073)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17331\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K17331.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K17331\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.3.0-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.0.0-11.5.4\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.0.0-11.5.4\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.0.0-11.5.4\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.0.0-11.5.4\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.0.0-11.5.4\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0-11.6.1\",\"11.3.0-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0\",\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-08-01T02:20:48", "bulletinFamily": "scanner", "description": "Venustech ADLAB reports :\n\nPCRE library is prone to a vulnerability which leads to Heap Overflow.\nDuring subpattern calculation of a malformed regular expression, an\noffset that is used as an array index is fully controlled and can be\nlarge enough so that unexpected heap memory regions are accessed.\n\nOne could at least exploit this issue to read objects nearby of the\naffected application", "modified": "2020-08-02T00:00:00", "id": "FREEBSD_PKG_8A1D0E631E0711E5B43D002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/84887", "published": "2015-07-21T00:00:00", "title": "FreeBSD : pcre -- Heap Overflow Vulnerability in find_fixedlength() (8a1d0e63-1e07-11e5-b43d-002590263bf5)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84887);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/12/19 13:21:18\");\n\n script_cve_id(\"CVE-2015-5073\");\n\n script_name(english:\"FreeBSD : pcre -- Heap Overflow Vulnerability in find_fixedlength() (8a1d0e63-1e07-11e5-b43d-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Venustech ADLAB reports :\n\nPCRE library is prone to a vulnerability which leads to Heap Overflow.\nDuring subpattern calculation of a malformed regular expression, an\noffset that is used as an array index is fully controlled and can be\nlarge enough so that unexpected heap memory regions are accessed.\n\nOne could at least exploit this issue to read objects nearby of the\naffected application's memory.\n\nSuch information disclosure may also be used to bypass memory\nprotection method such as ASLR.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.exim.org/show_bug.cgi?id=1651\"\n );\n # http://vcs.pcre.org/pcre?view=revision&revision=1571\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8add565\"\n );\n # http://www.openwall.com/lists/oss-security/2015/06/26/1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2015/06/26/1\"\n );\n # https://vuxml.freebsd.org/freebsd/8a1d0e63-1e07-11e5-b43d-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2f97696\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"pcre<=8.37_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-05T09:27:40", "bulletinFamily": "scanner", "description": "This release fixes two heap buffer overflows when compiling certain\nregular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-07-14T00:00:00", "id": "FEDORA_2015-11027.NASL", "href": "https://www.tenable.com/plugins/nessus/84685", "published": "2015-07-14T00:00:00", "title": "Fedora 22 : pcre-8.37-2.fc22 (2015-11027)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-11027.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84685);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-5073\");\n script_xref(name:\"FEDORA\", value:\"2015-11027\");\n\n script_name(english:\"Fedora 22 : pcre-8.37-2.fc22 (2015-11027)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes two heap buffer overflows when compiling certain\nregular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1226918\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1237223\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161753.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f123c76\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"pcre-8.37-2.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T09:27:40", "bulletinFamily": "scanner", "description": "This release fixes two heap buffer overflows when compiling certain\nregular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-07-20T00:00:00", "id": "FEDORA_2015-11019.NASL", "href": "https://www.tenable.com/plugins/nessus/84843", "published": "2015-07-20T00:00:00", "title": "Fedora 21 : pcre-8.35-12.fc21 (2015-11019)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-11019.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84843);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-5073\");\n script_xref(name:\"FEDORA\", value:\"2015-11019\");\n\n script_name(english:\"Fedora 21 : pcre-8.35-12.fc21 (2015-11019)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes two heap buffer overflows when compiling certain\nregular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1226918\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1237223\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162120.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?822f03b5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"pcre-8.35-12.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-24T08:53:46", "bulletinFamily": "scanner", "description": "According to the versions of the glib2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10\n mishandle group empty matches, which might allow remote\n attackers to cause a denial of service (stack-based\n buffer overflow) via a crafted regular expression, as\n demonstrated by\n /^(?:(?(1)\\\\.|([^\\\\\\\\W_])?)+)+$/.(CVE-2015-3217)\n\n - Heap-based buffer overflow in the find_fixedlength\n function in pcre_compile.c in PCRE before 8.38 allows\n remote attackers to cause a denial of service (crash)\n or obtain sensitive information from heap memory and\n possibly bypass the ASLR protection mechanism via a\n crafted regular expression with an excess closing\n parenthesis.(CVE-2015-5073)\n\n - The keyfile settings backend in GNOME GLib (aka\n glib2.0) before 2.60.0 creates directories using\n g_file_make_directory_with_parents (kfsb->dir, NULL,\n NULL) and files using g_file_replace_contents\n (kfsb->file, contents, length, NULL, FALSE,\n G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).\n Consequently, it does not properly restrict directory\n (and file) permissions. Instead, for directories, 0777\n permissions are used for files, default file\n permissions are used. This is similar to\n CVE-2019-12450.(CVE-2019-13012)\n\n - file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0\n through 2.61.1 does not properly restrict file\n permissions while a copy operation is in progress.\n Instead, default permissions are used.(CVE-2019-12450)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-06-17T00:00:00", "id": "EULEROS_SA-2020-1654.NASL", "href": "https://www.tenable.com/plugins/nessus/137496", "published": "2020-06-17T00:00:00", "title": "EulerOS 2.0 SP2 : glib2 (EulerOS-SA-2020-1654)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137496);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/22\");\n\n script_cve_id(\n \"CVE-2015-3217\",\n \"CVE-2015-5073\",\n \"CVE-2019-12450\",\n \"CVE-2019-13012\"\n );\n script_bugtraq_id(\n 75018,\n 75430\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : glib2 (EulerOS-SA-2020-1654)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the glib2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10\n mishandle group empty matches, which might allow remote\n attackers to cause a denial of service (stack-based\n buffer overflow) via a crafted regular expression, as\n demonstrated by\n /^(?:(?(1)\\\\.|([^\\\\\\\\W_])?)+)+$/.(CVE-2015-3217)\n\n - Heap-based buffer overflow in the find_fixedlength\n function in pcre_compile.c in PCRE before 8.38 allows\n remote attackers to cause a denial of service (crash)\n or obtain sensitive information from heap memory and\n possibly bypass the ASLR protection mechanism via a\n crafted regular expression with an excess closing\n parenthesis.(CVE-2015-5073)\n\n - The keyfile settings backend in GNOME GLib (aka\n glib2.0) before 2.60.0 creates directories using\n g_file_make_directory_with_parents (kfsb->dir, NULL,\n NULL) and files using g_file_replace_contents\n (kfsb->file, contents, length, NULL, FALSE,\n G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).\n Consequently, it does not properly restrict directory\n (and file) permissions. Instead, for directories, 0777\n permissions are used for files, default file\n permissions are used. This is similar to\n CVE-2019-12450.(CVE-2019-13012)\n\n - file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0\n through 2.61.1 does not properly restrict file\n permissions while a copy operation is in progress.\n Instead, default permissions are used.(CVE-2019-12450)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1654\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc95cd05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected glib2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:U/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glib2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glib2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"glib2-2.50.3-3.h5\",\n \"glib2-devel-2.50.3-3.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glib2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T05:27:48", "bulletinFamily": "scanner", "description": "Michele Spagnuolo discovered that PCRE incorrectly handled certain\nregular expressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04\nLTS. (CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04\nLTS and Ubuntu 15.04. (CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu\n15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 12.04\nLTS and 14.04 LTS. (CVE-2015-5073).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "UBUNTU_USN-2694-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85122", "published": "2015-07-30T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : pcre3 vulnerabilities (USN-2694-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2694-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85122);\n script_version(\"2.9\");\n script_cvs_date(\"Date: 2019/09/18 12:31:44\");\n\n script_cve_id(\"CVE-2014-8964\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3210\", \"CVE-2015-5073\");\n script_xref(name:\"USN\", value:\"2694-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : pcre3 vulnerabilities (USN-2694-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michele Spagnuolo discovered that PCRE incorrectly handled certain\nregular expressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04\nLTS. (CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04\nLTS and Ubuntu 15.04. (CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu\n15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause\napplications using PCRE to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 12.04\nLTS and 14.04 LTS. (CVE-2015-5073).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2694-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpcre3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpcre3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libpcre3\", pkgver:\"8.12-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libpcre3\", pkgver:\"1:8.31-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libpcre3\", pkgver:\"2:8.35-3.3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcre3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T11:12:42", "bulletinFamily": "scanner", "description": "This version fixes a number of vulnerabilities that affect pcre and\napplications using the libary when accepting untrusted input as\nregular expressions or as part thereof. Remote attackers could have\ncaused the application to crash, disclose information or potentially\nexecute arbitrary code.\n\n - Update to PCRE 8.39 FATE#320298 boo#972127.\n\n - CVE-2015-3210: heap buffer overflow in pcre_compile2() /\n compile_regex() (boo#933288)\n\n - CVE-2015-3217: pcre: PCRE Library Call Stack Overflow\n Vulnerability in match() (boo#933878)\n\n - CVE-2015-5073: pcre: Library Heap Overflow Vulnerability\n in find_fixedlength() (boo#936227)\n\n - boo#942865: heap overflow in compile_regex()\n\n - CVE-2015-8380: pcre: heap overflow in pcre_exec\n (boo#957566)\n\n - boo#957598: various security issues fixed in pcre 8.37\n and 8.38 release\n\n - CVE-2016-1283: pcre: Heap buffer overflow in\n pcre_compile2 causes DoS (boo#960837)\n\n - CVE-2016-3191: pcre: workspace overflow for (*ACCEPT)\n with deeply nested parentheses (boo#971741)", "modified": "2016-11-16T00:00:00", "id": "OPENSUSE-2016-1303.NASL", "href": "https://www.tenable.com/plugins/nessus/94906", "published": "2016-11-16T00:00:00", "title": "openSUSE Security Update : pcre (openSUSE-2016-1303)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1303.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94906);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3210\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8380\", \"CVE-2016-1283\", \"CVE-2016-3191\");\n\n script_name(english:\"openSUSE Security Update : pcre (openSUSE-2016-1303)\");\n script_summary(english:\"Check for the openSUSE-2016-1303 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This version fixes a number of vulnerabilities that affect pcre and\napplications using the libary when accepting untrusted input as\nregular expressions or as part thereof. Remote attackers could have\ncaused the application to crash, disclose information or potentially\nexecute arbitrary code.\n\n - Update to PCRE 8.39 FATE#320298 boo#972127.\n\n - CVE-2015-3210: heap buffer overflow in pcre_compile2() /\n compile_regex() (boo#933288)\n\n - CVE-2015-3217: pcre: PCRE Library Call Stack Overflow\n Vulnerability in match() (boo#933878)\n\n - CVE-2015-5073: pcre: Library Heap Overflow Vulnerability\n in find_fixedlength() (boo#936227)\n\n - boo#942865: heap overflow in compile_regex()\n\n - CVE-2015-8380: pcre: heap overflow in pcre_exec\n (boo#957566)\n\n - boo#957598: various security issues fixed in pcre 8.37\n and 8.38 release\n\n - CVE-2016-1283: pcre: Heap buffer overflow in\n pcre_compile2 causes DoS (boo#960837)\n\n - CVE-2016-3191: pcre: workspace overflow for (*ACCEPT)\n with deeply nested parentheses (boo#971741)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=936227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=942865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=971741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=972127\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre16-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre16-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre16-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcre16-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcrecpp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcrecpp0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcrecpp0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcrecpp0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcreposix0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcreposix0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcreposix0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcreposix0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcre-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcre-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcre-devel-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcre-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcre-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcre1-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcre1-debuginfo-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcre16-0-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcre16-0-debuginfo-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcrecpp0-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcrecpp0-debuginfo-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcreposix0-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libpcreposix0-debuginfo-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcre-debugsource-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcre-devel-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcre-devel-static-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcre-tools-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcre-tools-debuginfo-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcre1-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcre1-debuginfo-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcre16-0-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcre16-0-debuginfo-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcrecpp0-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcrecpp0-debuginfo-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcreposix0-32bit-8.39-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libpcreposix0-debuginfo-32bit-8.39-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcre1-32bit / libpcre1 / libpcre1-debuginfo-32bit / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T04:11:45", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2016:1025 :\n\nAn update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular\nexpressions. An attacker able to make an application using PCRE\nprocess a specially crafted regular expression could use these flaws\nto cause the application to crash or, possibly, execute arbitrary\ncode. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217,\nCVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "modified": "2020-08-02T00:00:00", "id": "ORACLELINUX_ELSA-2016-1025.NASL", "href": "https://www.tenable.com/plugins/nessus/91072", "published": "2016-05-12T00:00:00", "title": "Oracle Linux 7 : pcre (ELSA-2016-1025)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:1025 and \n# Oracle Linux Security Advisory ELSA-2016-1025 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91072);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2019/09/27 13:00:37\");\n\n script_cve_id(\"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8388\", \"CVE-2015-8391\", \"CVE-2016-3191\");\n script_xref(name:\"RHSA\", value:\"2016:1025\");\n\n script_name(english:\"Oracle Linux 7 : pcre (ELSA-2016-1025)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:1025 :\n\nAn update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular\nexpressions. An attacker able to make an application using PCRE\nprocess a specially crafted regular expression could use these flaws\nto cause the application to crash or, possibly, execute arbitrary\ncode. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217,\nCVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-May/006027.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcre-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcre-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcre-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"pcre-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"pcre-devel-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"pcre-static-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"pcre-tools-8.32-15.el7_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre / pcre-devel / pcre-static / pcre-tools\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-08-01T01:07:21", "bulletinFamily": "scanner", "description": "An update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular\nexpressions. An attacker able to make an application using PCRE\nprocess a specially crafted regular expression could use these flaws\nto cause the application to crash or, possibly, execute arbitrary\ncode. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217,\nCVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "modified": "2020-08-02T00:00:00", "id": "CENTOS_RHSA-2016-1025.NASL", "href": "https://www.tenable.com/plugins/nessus/91104", "published": "2016-05-13T00:00:00", "title": "CentOS 7 : pcre (CESA-2016:1025)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1025 and \n# CentOS Errata and Security Advisory 2016:1025 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91104);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8388\", \"CVE-2015-8391\", \"CVE-2016-3191\");\n script_xref(name:\"RHSA\", value:\"2016:1025\");\n\n script_name(english:\"CentOS 7 : pcre (CESA-2016:1025)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular\nexpressions. An attacker able to make an application using PCRE\nprocess a specially crafted regular expression could use these flaws\nto cause the application to crash or, possibly, execute arbitrary\ncode. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217,\nCVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-May/021883.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49ea9e39\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8391\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcre-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcre-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcre-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"pcre-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"pcre-devel-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"pcre-static-8.32-15.el7_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"pcre-tools-8.32-15.el7_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre / pcre-devel / pcre-static / pcre-tools\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-05-06T00:41:32", "bulletinFamily": "scanner", "description": "According to the versions of the pcre packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Multiple flaws were found in the way PCRE handled\n malformed regular expressions. An attacker able to make\n an application using PCRE process a specially crafted\n regular expression could use these flaws to cause the\n application to crash or, possibly, execute arbitrary\n code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328,\n CVE-2015-3217, CVE-2015-5073, CVE-2015-8388,\n CVE-2015-8391, CVE-2015-8386)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2017-05-01T00:00:00", "id": "EULEROS_SA-2016-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/99786", "published": "2017-05-01T00:00:00", "title": "EulerOS 2.0 SP1 : pcre (EulerOS-SA-2016-1023)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99786);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/04\");\n\n script_cve_id(\n \"CVE-2015-2328\",\n \"CVE-2015-3217\",\n \"CVE-2015-5073\",\n \"CVE-2015-8385\",\n \"CVE-2015-8386\",\n \"CVE-2015-8388\",\n \"CVE-2015-8391\",\n \"CVE-2016-3191\"\n );\n script_bugtraq_id(\n 75018,\n 75430\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : pcre (EulerOS-SA-2016-1023)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the pcre packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Multiple flaws were found in the way PCRE handled\n malformed regular expressions. An attacker able to make\n an application using PCRE process a specially crafted\n regular expression could use these flaws to cause the\n application to crash or, possibly, execute arbitrary\n code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328,\n CVE-2015-3217, CVE-2015-5073, CVE-2015-8388,\n CVE-2015-8391, CVE-2015-8386)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1023\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f95386c8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pcre packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:pcre-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"pcre-8.32-15.1\",\n \"pcre-devel-8.32-15.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "unix", "description": "\nVenustech ADLAB reports:\n\nPCRE library is prone to a vulnerability which leads to Heap\n\t Overflow. During subpattern calculation of a malformed regular\n\t expression, an offset that is used as an array index is fully\n\t controlled and can be large enough so that unexpected heap\n\t memory regions are accessed.\nOne could at least exploit this issue to read objects nearby of\n\t the affected application's memory.\nSuch information disclosure may also be used to bypass memory\n\t protection method such as ASLR.\n\n", "modified": "2015-06-23T00:00:00", "published": "2015-06-23T00:00:00", "id": "8A1D0E63-1E07-11E5-B43D-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/8a1d0e63-1e07-11e5-b43d-002590263bf5.html", "title": "pcre -- Heap Overflow Vulnerability in find_fixedlength()", "type": "freebsd", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:00", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2694-1\r\nJuly 29, 2015\r\n\r\npcre3 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nPCRE could be made to crash or run programs if it processed a\r\nspecially-crafted regular expression.\r\n\r\nSoftware Description:\r\n- pcre3: Perl 5 Compatible Regular Expression Library\r\n\r\nDetails:\r\n\r\nMichele Spagnuolo discovered that PCRE incorrectly handled certain regular\r\nexpressions. A remote attacker could use this issue to cause applications\r\nusing PCRE to crash, resulting in a denial of service, or possibly execute\r\narbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964)\r\n\r\nKai Lu discovered that PCRE incorrectly handled certain regular\r\nexpressions. A remote attacker could use this issue to cause applications\r\nusing PCRE to crash, resulting in a denial of service, or possibly execute\r\narbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04.\r\n(CVE-2015-2325, CVE-2015-2326)\r\n\r\nWen Guanxing discovered that PCRE incorrectly handled certain regular\r\nexpressions. A remote attacker could use this issue to cause applications\r\nusing PCRE to crash, resulting in a denial of service, or possibly execute\r\narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3210)\r\n\r\nIt was discovered that PCRE incorrectly handled certain regular\r\nexpressions. A remote attacker could use this issue to cause applications\r\nusing PCRE to crash, resulting in a denial of service, or possibly execute\r\narbitrary code. This issue only affected Ubuntu 12.04 LTS and 14.04 LTS.\r\n(CVE-2015-5073)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libpcre3 2:8.35-3.3ubuntu1.1\r\n\r\nUbuntu 14.04 LTS:\r\n libpcre3 1:8.31-2ubuntu2.1\r\n\r\nUbuntu 12.04 LTS:\r\n libpcre3 8.12-4ubuntu0.1\r\n\r\nAfter a standard system update you need to restart applications using PCRE,\r\nsuch as the Apache HTTP server and Nginx, to make all the necessary\r\nchanges.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2694-1\r\n CVE-2014-8964, CVE-2015-2325, CVE-2015-2326, CVE-2015-3210,\r\n CVE-2015-5073\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/pcre3/2:8.35-3.3ubuntu1.1\r\n https://launchpad.net/ubuntu/+source/pcre3/1:8.31-2ubuntu2.1\r\n https://launchpad.net/ubuntu/+source/pcre3/8.12-4ubuntu0.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2015-08-02T00:00:00", "published": "2015-08-02T00:00:00", "id": "SECURITYVULNS:DOC:32379", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32379", "title": "[USN-2694-1] PCRE vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "description": "Multiple memory corruptions on PCRE parsing.", "modified": "2015-08-02T00:00:00", "published": "2015-08-02T00:00:00", "id": "SECURITYVULNS:VULN:14615", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14615", "title": "PCRE multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:43:48", "bulletinFamily": "unix", "description": "Michele Spagnuolo discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. \n(CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 12.04 LTS and 14.04 LTS. \n(CVE-2015-5073)", "modified": "2015-07-29T00:00:00", "published": "2015-07-29T00:00:00", "id": "USN-2694-1", "href": "https://ubuntu.com/security/notices/USN-2694-1", "title": "PCRE vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:33:42", "bulletinFamily": "unix", "description": "It was discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code.", "modified": "2016-03-29T00:00:00", "published": "2016-03-29T00:00:00", "id": "USN-2943-1", "href": "https://ubuntu.com/security/notices/USN-2943-1", "title": "PCRE vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:16", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2016:1025\n\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/033921.html\n\n**Affected packages:**\npcre\npcre-devel\npcre-static\npcre-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1025.html", "modified": "2016-05-13T00:44:08", "published": "2016-05-13T00:44:08", "href": "http://lists.centos.org/pipermail/centos-announce/2016-May/033921.html", "id": "CESA-2016:1025", "title": "pcre security update", "type": "centos", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:16", "bulletinFamily": "unix", "description": "[8.32-15.1]\n- Fix CVE-2015-2328 (infinite recursion compiling pattern with recursive\n reference in a group with indefinite repeat) (bug #1330508)\n- Fix CVE-2015-8385 (buffer overflow caused by named forward reference to\n duplicate group number) (bug #1330508)\n- Fix CVE-2015-8386 (buffer overflow caused by lookbehind assertion)\n (bug #1330508)\n- Fix CVE-2015-3217 (stack overflow caused by mishandled group empty match)\n (bug #1330508)\n- Fix CVE-2015-5073 and CVE-2015-8388 (buffer overflow for forward reference\n within backward assertion with excess closing parenthesis) (bug #1330508)\n- Fix CVE-2015-8391 (inefficient posix character class syntax check)\n (bug #1330508)\n- Fix CVE-2016-3191 (workspace overflow for (*ACCEPT) with deeply nested\n parentheses) (bug #1330508)", "modified": "2016-05-11T00:00:00", "published": "2016-05-11T00:00:00", "id": "ELSA-2016-1025", "href": "http://linux.oracle.com/errata/ELSA-2016-1025.html", "title": "pcre security update", "type": "oraclelinux", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "description": "PCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "modified": "2018-04-12T03:33:11", "published": "2016-05-11T15:17:05", "id": "RHSA-2016:1025", "href": "https://access.redhat.com/errata/RHSA-2016:1025", "type": "redhat", "title": "(RHSA-2016:1025) Important: pcre security update", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-12-11T13:32:46", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The memcache, mongo, and XDebug extensions are also included.\n\nThe rh-php56 Software Collection has been upgraded to version 5.6.25, which provides a number of bug fixes and enhancements over the previous version. (BZ#1356157, BZ#1365401)\n\nSecurity Fixes in the rh-php56-php component:\n\n* Several Moderate and Low impact security issues were found in PHP. Under certain circumstances, these issues could cause PHP to crash, disclose portions of its memory, execute arbitrary code, or impact PHP application integrity. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2013-7456, CVE-2014-9767, CVE-2015-8835, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2016-1903, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4473, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6128, CVE-2016-6207, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132)\n\n* Multiple flaws were found in the PCRE library included with the rh-php56-php packages for Red Hat Enterprise Linux 6. A specially crafted regular expression could cause PHP to crash or, possibly, execute arbitrary code. (CVE-2015-2325, CVE-2015-2326, CVE-2015-2327, CVE-2015-2328, CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395)\n\nRed Hat would like to thank Hans Jerry Illikainen for reporting CVE-2016-3074, CVE-2016-4473, and CVE-2016-5399.", "modified": "2018-06-13T01:28:23", "published": "2016-11-15T16:13:31", "id": "RHSA-2016:2750", "href": "https://access.redhat.com/errata/RHSA-2016:2750", "type": "redhat", "title": "(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:31:06", "bulletinFamily": "unix", "description": "MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries.\n\nSecurity Fix(es):\n\n* It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047)\n\n* This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0655, CVE-2016-0666, CVE-2016-0668)\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make MariaDB execute an SQL query with a specially crafted regular expression could use these flaws to cause it to crash or, possibly, execute arbitrary code. (CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2016-1283, CVE-2016-3191)", "modified": "2018-06-13T01:28:20", "published": "2016-05-26T12:10:09", "id": "RHSA-2016:1132", "href": "https://access.redhat.com/errata/RHSA-2016:1132", "type": "redhat", "title": "(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:53", "bulletinFamily": "unix", "description": "### Background\n\nlibpcre is a library providing functions for Perl-compatible regular expressions. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libpcre users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libpcre-8.38-r1\"", "modified": "2016-07-09T00:00:00", "published": "2016-07-09T00:00:00", "id": "GLSA-201607-02", "href": "https://security.gentoo.org/glsa/201607-02", "type": "gentoo", "title": "libpcre: Multiple Vulnerabilities", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "suse": [{"lastseen": "2017-10-11T05:54:20", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise Server 12 SP1 container image has been updated\n to include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 SP1 are now included in the\n base image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n expat:\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n - CVE-2016-7056\n - CVE-2016-8610\n - CVE-2017-3731\n\n cracklib:\n\n - CVE-2016-6318\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n util-linux:\n\n - CVE-2016-5011\n - CVE-2017-2616\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n update-alternatives:\n\n - CVE-2015-0860\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - lua51\n - lvm2\n - netcfg\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - sg3_utils\n - shadow\n - zypper\n\n", "modified": "2017-10-11T03:07:32", "published": "2017-10-11T03:07:32", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html", "id": "SUSE-SU-2017:2700-1", "title": "Security update for SLES 12-SP1 Docker image (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-11T05:54:19", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise Server 12 container image has been updated to\n include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 are now included in the base\n image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n util-linux:\n\n - CVE-2015-5218\n - CVE-2016-5011\n - CVE-2017-2616\n\n cracklib:\n\n - CVE-2016-6318\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - openldap2\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - shadow\n - zypper\n\n", "modified": "2017-10-11T03:06:53", "published": "2017-10-11T03:06:53", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html", "id": "SUSE-SU-2017:2699-1", "title": "Security update for SLES 12 Docker image (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
