ID SOL17331 Type f5 Reporter f5 Modified 2015-09-29T00:00:00
Description
Recommended Action
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4918: Overview of the F5 critical issue hotfix policy
{"reporter": "f5", "published": "2015-09-29T00:00:00", "cvelist": ["CVE-2015-5073"], "title": "SOL17331 - PCRE library vulnerability CVE-2015-5073", "objectVersion": "1.2", "type": "f5", "hash": "11dde033a7a550f2f2a6769c1d968fe0aa71cc9ce1cb65f389c9abf297df5582", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17331.html", "bulletinFamily": "software", "hashmap": [{"hash": "e2331c42c0783a4eadff85a8b28dd7d4", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "0c8da25764e5f17ac6437313f821ff5c", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f1cd1cb9b70a35b40991606931649167", "key": "description"}, {"hash": "99511b7578d8801b962e1002d5d088eb", "key": "href"}, {"hash": "311fe06b3cf4192127ad9986f2239f2a", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "311fe06b3cf4192127ad9986f2239f2a", "key": "published"}, {"hash": "d708145dea38455a229de4cb2bf9c70e", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "fab8045e3e3497096af685ff69c7c6a6", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"vulnersScore": 5.0}, "modified": "2015-09-29T00:00:00", "viewCount": 0, "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "affectedSoftware": [{"operator": "le", "name": "BIG-IP PSM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP AAM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP AFM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP APM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IQ Device", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP GTM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP PEM", "version": "11.6.0"}, {"operator": "le", "name": "Enterprise Manager", "version": "3.1.1"}, {"operator": "le", "name": "BIG-IP APM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP DNS\n", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Analytics", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "11.3.0"}, {"operator": "le", "name": "BIG-IP Analytics", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP ASM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "11.3.0"}, {"operator": "le", "name": "Traffix SDC", "version": "4.4.0"}, {"operator": "le", "name": "BIG-IP LTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP PSM", "version": "11.4.1"}, {"operator": "le", "name": "BIG-IP LTM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP AAM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP ASM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP PEM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP AFM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IQ Cloud", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP APM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IP WOM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IQ Security", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP GTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP LTM", "version": "12.0.0"}, {"operator": "le", "name": "BIG-IQ ADC", "version": "4.5.0"}, {"operator": "le", "name": "BIG-IP WOM", "version": "11.3.0"}, {"operator": "le", "name": "ARX", "version": "6.4.0"}, {"operator": "le", "name": "Traffix SDC", "version": "3.5.1"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP ASM", "version": "12.0.0"}], "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL17331", "lastseen": "2016-09-26T17:22:56", "description": "Recommended Action\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n"}
{"result": {"cve": [{"id": "CVE-2015-5073", "type": "cve", "title": "CVE-2015-5073", "description": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.", "published": "2016-12-13T11:59:06", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073", "cvelist": ["CVE-2015-5073"], "lastseen": "2018-01-05T11:51:44"}], "f5": [{"id": "F5:K17331", "type": "f5", "title": "PCRE library vulnerability CVE-2015-5073", "description": "\nF5 Product Development has assigned ID 548295 (BIG-IP), ID 548541 (BIG-IQ), ID548542 (Enterprise Manager), and ID 541509 (ARX) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H548643 on the **Diagnostics** >** Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| PCRE library \nBIG-IP AAM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| 13.0.0| Medium| PCRE library \nBIG-IP AFM| 12.0.0 - 12.1.2 \n11.3.0 - 11.6.1| 13.0.0| Medium| PCRE library \nBIG-IP Analytics| 12.0.0 - 12.1.2 \n11.0.0 - 11.6.1| 13.0.0| Medium| PCRE library \nBIG-IP APM| 12.0.0 - 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| PCRE library \nBIG-IP ASM| 12.0.0 - 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| PCRE library \nBIG-IP DNS| 12.0.0 -12.1.2| 13.0.0| Medium| PCRE library \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| PCRE library \nBIG-IP GTM| 11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| None| Medium| PCRE library \nBIG-IP Link Controller| 12.0.0 -12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| PCRE library \nBIG-IP PEM| 12.0.0 - 12.1.2 \n11.3.0 - 11.6.1| 13.0.0| Medium| PCRE library \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Medium| PCRE library \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| PCRE library \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| PCRE library \nARX| 6.0.0 - 6.4.0| None| Low| PCRE library \nEnterprise Manager| 3.0.0 - 3.1.1| None| Medium| PCRE library \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| PCRE library \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| PCRE library \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| PCRE library \nBIG-IQ ADC| 4.5.0| None| Medium| PCRE library \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nBIG-IP WebSafe| 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| 13.0.0| Medium| PCRE library \nTraffix SDC| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| PCRE library\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit access to only trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2015-09-29T10:24:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K17331", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-06-08T00:16:03"}], "openvas": [{"id": "OPENVAS:1361412562310140179", "type": "openvas", "title": "F5 BIG-IP - PCRE library vulnerability CVE-2015-5073", "description": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.", "published": "2017-03-07T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140179", "cvelist": ["CVE-2015-5073", "CVE-2016-9244"], "lastseen": "2017-07-02T21:14:35"}, {"id": "OPENVAS:1361412562310130110", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0267", "description": "Mageia Linux Local Security Checks mgasa-2015-0267", "published": "2015-10-15T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130110", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-07-24T12:53:44"}, {"id": "OPENVAS:1361412562310105322", "type": "openvas", "title": "IPFire 2.17 - Core Update 93", "description": "IPFire 2.17 - Core Update 93 fixes multiple security vulnerabilities.", "published": "2015-08-18T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105322", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-07-07T10:51:44"}, {"id": "OPENVAS:1361412562310869869", "type": "openvas", "title": "Fedora Update for pcre FEDORA-2015-12921", "description": "Check the version of pcre", "published": "2015-08-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869869", "cvelist": ["CVE-2015-3210", "CVE-2015-5073"], "lastseen": "2017-07-25T10:52:28"}, {"id": "OPENVAS:1361412562310869746", "type": "openvas", "title": "Fedora Update for pcre FEDORA-2015-11027", "description": "Check the version of pcre", "published": "2015-07-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869746", "cvelist": ["CVE-2015-3210", "CVE-2015-5073"], "lastseen": "2017-07-25T10:53:19"}, {"id": "OPENVAS:1361412562310869768", "type": "openvas", "title": "Fedora Update for pcre FEDORA-2015-11019", "description": "Check the version of pcre", "published": "2015-07-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869768", "cvelist": ["CVE-2015-3210", "CVE-2014-8964", "CVE-2015-5073"], "lastseen": "2017-07-25T10:53:39"}, {"id": "OPENVAS:1361412562310842393", "type": "openvas", "title": "Ubuntu Update for pcre3 USN-2694-1", "description": "Check the version of pcre3", "published": "2015-07-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842393", "cvelist": ["CVE-2015-3210", "CVE-2015-2325", "CVE-2014-8964", "CVE-2015-5073", "CVE-2015-2326"], "lastseen": "2017-12-04T11:24:47"}, {"id": "OPENVAS:1361412562310871620", "type": "openvas", "title": "RedHat Update for pcre RHSA-2016:1025-01", "description": "Check the version of pcre", "published": "2016-06-03T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871620", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-07-27T10:54:22"}, {"id": "OPENVAS:1361412562310882492", "type": "openvas", "title": "CentOS Update for pcre CESA-2016:1025 centos7 ", "description": "Check the version of pcre", "published": "2016-05-17T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882492", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-07-25T10:55:01"}, {"id": "OPENVAS:1361412562310842704", "type": "openvas", "title": "Ubuntu Update for pcre3 USN-2943-1", "description": "Check the version of pcre3", "published": "2016-04-11T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842704", "cvelist": ["CVE-2015-8388", "CVE-2015-3210", "CVE-2015-2325", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8382", "CVE-2015-8386", "CVE-2015-2327", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2016-3191", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2015-2326"], "lastseen": "2017-12-04T11:25:04"}], "nessus": [{"id": "F5_BIGIP_SOL17331.NASL", "type": "nessus", "title": "F5 Networks BIG-IP : PCRE library vulnerability (K17331)", "description": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis. (CVE-2015-5073)", "published": "2017-03-06T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=97531", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-10-29T13:41:40"}, {"id": "FREEBSD_PKG_8A1D0E631E0711E5B43D002590263BF5.NASL", "type": "nessus", "title": "FreeBSD : pcre -- Heap Overflow Vulnerability in find_fixedlength() (8a1d0e63-1e07-11e5-b43d-002590263bf5)", "description": "Venustech ADLAB reports :\n\nPCRE library is prone to a vulnerability which leads to Heap Overflow.\nDuring subpattern calculation of a malformed regular expression, an offset that is used as an array index is fully controlled and can be large enough so that unexpected heap memory regions are accessed.\n\nOne could at least exploit this issue to read objects nearby of the affected application's memory.\n\nSuch information disclosure may also be used to bypass memory protection method such as ASLR.", "published": "2015-07-21T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84887", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-10-29T13:44:46"}, {"id": "FEDORA_2015-11019.NASL", "type": "nessus", "title": "Fedora 21 : pcre-8.35-12.fc21 (2015-11019)", "description": "This release fixes two heap buffer overflows when compiling certain regular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-07-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84843", "cvelist": ["CVE-2015-3210", "CVE-2015-5073"], "lastseen": "2017-10-29T13:45:37"}, {"id": "FEDORA_2015-11027.NASL", "type": "nessus", "title": "Fedora 22 : pcre-8.37-2.fc22 (2015-11027)", "description": "This release fixes two heap buffer overflows when compiling certain regular expressions: CVE-2015-3210 and CVE-2015-5073.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-07-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84685", "cvelist": ["CVE-2015-3210", "CVE-2015-5073"], "lastseen": "2017-10-29T13:43:34"}, {"id": "UBUNTU_USN-2694-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : pcre3 vulnerabilities (USN-2694-1)", "description": "Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and 14.04 LTS. (CVE-2015-5073).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-07-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85122", "cvelist": ["CVE-2015-3210", "CVE-2015-2325", "CVE-2014-8964", "CVE-2015-5073", "CVE-2015-2326"], "lastseen": "2017-10-29T13:41:40"}, {"id": "OPENSUSE-2016-1303.NASL", "type": "nessus", "title": "openSUSE Security Update : pcre (openSUSE-2016-1303)", "description": "This version fixes a number of vulnerabilities that affect pcre and applications using the libary when accepting untrusted input as regular expressions or as part thereof. Remote attackers could have caused the application to crash, disclose information or potentially execute arbitrary code.\n\n - Update to PCRE 8.39 FATE#320298 boo#972127.\n\n - CVE-2015-3210: heap buffer overflow in pcre_compile2() / compile_regex() (boo#933288)\n\n - CVE-2015-3217: pcre: PCRE Library Call Stack Overflow Vulnerability in match() (boo#933878)\n\n - CVE-2015-5073: pcre: Library Heap Overflow Vulnerability in find_fixedlength() (boo#936227)\n\n - boo#942865: heap overflow in compile_regex()\n\n - CVE-2015-8380: pcre: heap overflow in pcre_exec (boo#957566)\n\n - boo#957598: various security issues fixed in pcre 8.37 and 8.38 release\n\n - CVE-2016-1283: pcre: Heap buffer overflow in pcre_compile2 causes DoS (boo#960837)\n\n - CVE-2016-3191: pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (boo#971741)", "published": "2016-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=94906", "cvelist": ["CVE-2015-3210", "CVE-2015-8380", "CVE-2016-1283", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073"], "lastseen": "2017-10-29T13:43:03"}, {"id": "EULEROS_SA-2016-1023.NASL", "type": "nessus", "title": "EulerOS 2.0 SP1 : pcre (EulerOS-SA-2016-1023)", "description": "According to the versions of the pcre packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-05-02T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=99786", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-10-29T13:46:03"}, {"id": "SL_20160511_PCRE_ON_SL7_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : pcre on SL7.x x86_64", "description": "Security Fix(es) :\n\n - Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "published": "2016-05-12T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91081", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-10-29T13:34:16"}, {"id": "CENTOS_RHSA-2016-1025.NASL", "type": "nessus", "title": "CentOS 7 : pcre (CESA-2016:1025)", "description": "An update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "published": "2016-05-13T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91104", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-10-29T13:39:51"}, {"id": "REDHAT-RHSA-2016-1025.NASL", "type": "nessus", "title": "RHEL 7 : pcre (RHSA-2016:1025)", "description": "An update for pcre is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "published": "2016-05-12T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91078", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-10-29T13:39:27"}], "freebsd": [{"id": "8A1D0E63-1E07-11E5-B43D-002590263BF5", "type": "freebsd", "title": "pcre -- Heap Overflow Vulnerability in find_fixedlength()", "description": "\nVenustech ADLAB reports:\n\nPCRE library is prone to a vulnerability which leads to Heap\n\t Overflow. During subpattern calculation of a malformed regular\n\t expression, an offset that is used as an array index is fully\n\t controlled and can be large enough so that unexpected heap\n\t memory regions are accessed.\nOne could at least exploit this issue to read objects nearby of\n\t the affected application's memory.\nSuch information disclosure may also be used to bypass memory\n\t protection method such as ASLR.\n\n", "published": "2015-06-23T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/8a1d0e63-1e07-11e5-b43d-002590263bf5.html", "cvelist": ["CVE-2015-5073"], "lastseen": "2017-04-18T17:18:12"}], "ubuntu": [{"id": "USN-2694-1", "type": "ubuntu", "title": "PCRE vulnerabilities", "description": "Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964)\n\nKai Lu discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-2325, CVE-2015-2326)\n\nWen Guanxing discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3210)\n\nIt was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and 14.04 LTS. (CVE-2015-5073)", "published": "2015-07-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2694-1/", "cvelist": ["CVE-2015-3210", "CVE-2015-2325", "CVE-2014-8964", "CVE-2015-5073", "CVE-2015-2326"], "lastseen": "2018-03-29T18:21:24"}, {"id": "USN-2943-1", "type": "ubuntu", "title": "PCRE vulnerabilities", "description": "It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code.", "published": "2016-03-29T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2943-1/", "cvelist": ["CVE-2015-8388", "CVE-2015-3210", "CVE-2015-2325", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8382", "CVE-2015-8386", "CVE-2015-2327", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2016-3191", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2015-2326"], "lastseen": "2018-03-29T18:19:24"}], "redhat": [{"id": "RHSA-2016:1025", "type": "redhat", "title": "(RHSA-2016:1025) Important: pcre security update", "description": "PCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)", "published": "2016-05-11T15:17:05", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:1025", "cvelist": ["CVE-2015-2328", "CVE-2015-3217", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-8386", "CVE-2015-8388", "CVE-2015-8391", "CVE-2016-3191"], "lastseen": "2018-04-15T16:22:02"}, {"id": "RHSA-2016:2750", "type": "redhat", "title": "(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The memcache, mongo, and XDebug extensions are also included.\n\nThe rh-php56 Software Collection has been upgraded to version 5.6.25, which provides a number of bug fixes and enhancements over the previous version. (BZ#1356157, BZ#1365401)\n\nSecurity Fixes in the rh-php56-php component:\n\n* Several Moderate and Low impact security issues were found in PHP. Under certain circumstances, these issues could cause PHP to crash, disclose portions of its memory, execute arbitrary code, or impact PHP application integrity. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2013-7456, CVE-2014-9767, CVE-2015-8835, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2016-1903, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4473, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6128, CVE-2016-6207, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132)\n\n* Multiple flaws were found in the PCRE library included with the rh-php56-php packages for Red Hat Enterprise Linux 6. A specially crafted regular expression could cause PHP to crash or, possibly, execute arbitrary code. (CVE-2015-2325, CVE-2015-2326, CVE-2015-2327, CVE-2015-2328, CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395)\n\nRed Hat would like to thank Hans Jerry Illikainen for reporting CVE-2016-3074, CVE-2016-4473, and CVE-2016-5399.", "published": "2016-11-15T16:13:31", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:2750", "cvelist": ["CVE-2013-7456", "CVE-2014-9767", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-2327", "CVE-2015-2328", "CVE-2015-3210", "CVE-2015-3217", "CVE-2015-5073", "CVE-2015-8381", "CVE-2015-8383", "CVE-2015-8384", "CVE-2015-8385", "CVE-2015-8386", "CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8392", "CVE-2015-8395", "CVE-2015-8835", "CVE-2015-8865", "CVE-2015-8866", "CVE-2015-8867", "CVE-2015-8873", "CVE-2015-8874", "CVE-2015-8876", "CVE-2015-8877", "CVE-2015-8879", "CVE-2015-8935", "CVE-2016-1903", "CVE-2016-2554", "CVE-2016-3074", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-4070", "CVE-2016-4071", "CVE-2016-4072", "CVE-2016-4073", "CVE-2016-4342", "CVE-2016-4343", "CVE-2016-4473", "CVE-2016-4537", "CVE-2016-4538", "CVE-2016-4539", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-4543", "CVE-2016-4544", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5096", "CVE-2016-5114", "CVE-2016-5399", "CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773", "CVE-2016-6128", "CVE-2016-6207", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7124", "CVE-2016-7125", "CVE-2016-7126", "CVE-2016-7127", "CVE-2016-7128", "CVE-2016-7129", "CVE-2016-7130", "CVE-2016-7131", "CVE-2016-7132"], "lastseen": "2018-04-25T22:46:05"}, {"id": "RHSA-2016:1132", "type": "redhat", "title": "(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update", "description": "MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries.\n\nSecurity Fix(es):\n\n* It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047)\n\n* This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0655, CVE-2016-0666, CVE-2016-0668)\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make MariaDB execute an SQL query with a specially crafted regular expression could use these flaws to cause it to crash or, possibly, execute arbitrary code. (CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2016-1283, CVE-2016-3191)", "published": "2016-05-26T12:10:09", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:1132", "cvelist": ["CVE-2015-3210", "CVE-2015-3217", "CVE-2015-4792", "CVE-2015-4802", "CVE-2015-4815", "CVE-2015-4816", "CVE-2015-4819", "CVE-2015-4826", "CVE-2015-4830", "CVE-2015-4836", "CVE-2015-4858", "CVE-2015-4861", "CVE-2015-4870", "CVE-2015-4879", "CVE-2015-4895", "CVE-2015-4913", "CVE-2015-5073", "CVE-2015-8381", "CVE-2015-8383", "CVE-2015-8384", "CVE-2015-8385", "CVE-2015-8386", "CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8392", "CVE-2015-8395", "CVE-2016-0505", "CVE-2016-0546", "CVE-2016-0596", "CVE-2016-0597", "CVE-2016-0598", "CVE-2016-0600", "CVE-2016-0606", "CVE-2016-0608", "CVE-2016-0609", "CVE-2016-0610", "CVE-2016-0616", "CVE-2016-0640", "CVE-2016-0641", "CVE-2016-0642", "CVE-2016-0643", "CVE-2016-0644", "CVE-2016-0646", "CVE-2016-0647", "CVE-2016-0648", "CVE-2016-0649", "CVE-2016-0650", "CVE-2016-0651", "CVE-2016-0655", "CVE-2016-0666", "CVE-2016-0668", "CVE-2016-1283", "CVE-2016-2047", "CVE-2016-3191", "CVE-2016-3452", "CVE-2016-3459", "CVE-2016-3471", "CVE-2016-5444"], "lastseen": "2018-04-23T08:34:52"}], "centos": [{"id": "CESA-2016:1025", "type": "centos", "title": "pcre security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:1025\n\n\nPCRE is a Perl-compatible regular expression library.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/021883.html\n\n**Affected packages:**\npcre\npcre-devel\npcre-static\npcre-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1025.html", "published": "2016-05-13T00:44:08", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-May/021883.html", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2017-10-03T18:25:01"}], "oraclelinux": [{"id": "ELSA-2016-1025", "type": "oraclelinux", "title": "pcre security update", "description": "[8.32-15.1]\n- Fix CVE-2015-2328 (infinite recursion compiling pattern with recursive\n reference in a group with indefinite repeat) (bug #1330508)\n- Fix CVE-2015-8385 (buffer overflow caused by named forward reference to\n duplicate group number) (bug #1330508)\n- Fix CVE-2015-8386 (buffer overflow caused by lookbehind assertion)\n (bug #1330508)\n- Fix CVE-2015-3217 (stack overflow caused by mishandled group empty match)\n (bug #1330508)\n- Fix CVE-2015-5073 and CVE-2015-8388 (buffer overflow for forward reference\n within backward assertion with excess closing parenthesis) (bug #1330508)\n- Fix CVE-2015-8391 (inefficient posix character class syntax check)\n (bug #1330508)\n- Fix CVE-2016-3191 (workspace overflow for (*ACCEPT) with deeply nested\n parentheses) (bug #1330508)", "published": "2016-05-11T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-1025.html", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8386", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328"], "lastseen": "2016-09-04T11:16:21"}], "gentoo": [{"id": "GLSA-201607-02", "type": "gentoo", "title": "libpcre: Multiple Vulnerabilities", "description": "### Background\n\nlibpcre is a library providing functions for Perl-compatible regular expressions. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libpcre users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libpcre-8.38-r1\"", "published": "2016-07-09T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201607-02", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8386", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2014-8964", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-8387", "CVE-2015-8390"], "lastseen": "2016-09-06T19:46:53"}], "suse": [{"id": "SUSE-SU-2017:2699-1", "type": "suse", "title": "Security update for SLES 12 Docker image (important)", "description": "The SUSE Linux Enterprise Server 12 container image has been updated to\n include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 are now included in the base\n image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n util-linux:\n\n - CVE-2015-5218\n - CVE-2016-5011\n - CVE-2017-2616\n\n cracklib:\n\n - CVE-2016-6318\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - openldap2\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - shadow\n - zypper\n\n", "published": "2017-10-11T03:06:53", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html", "cvelist": ["CVE-2016-6262", "CVE-2017-7407", "CVE-2015-8388", "CVE-2016-8620", "CVE-2016-8623", "CVE-2017-9233", "CVE-2016-5420", "CVE-2016-9840", "CVE-2016-3705", "CVE-2016-1840", "CVE-2014-0191", "CVE-2016-8615", "CVE-2016-8616", "CVE-2015-5276", "CVE-2015-3210", "CVE-2015-2325", "CVE-2016-6261", "CVE-2016-8619", "CVE-2017-10685", "CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2015-8391", "CVE-2016-6263", "CVE-2016-2108", "CVE-2016-9063", "CVE-2016-8618", "CVE-2016-1762", "CVE-2016-6302", "CVE-2016-5300", "CVE-2015-8395", "CVE-2016-7141", "CVE-2016-1834", "CVE-2017-11112", "CVE-2016-2177", "CVE-2014-7169", "CVE-2015-8382", "CVE-2016-3627", "CVE-2015-1283", "CVE-2014-6277", "CVE-2016-2105", "CVE-2016-9318", "CVE-2016-4483", "CVE-2016-2107", "CVE-2015-8386", "CVE-2014-6278", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-3075", "CVE-2016-8617", "CVE-2016-9842", "CVE-2016-7796", "CVE-2017-2616", "CVE-2016-0634", "CVE-2012-6702", "CVE-2015-3238", "CVE-2016-2180", "CVE-2016-1835", "CVE-2016-0787", "CVE-2016-1234", "CVE-2016-0718", "CVE-2016-6185", "CVE-2015-8392", "CVE-2016-4574", "CVE-2015-8389", "CVE-2016-2109", "CVE-2015-8380", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-9048", "CVE-2014-8964", "CVE-2015-2059", "CVE-2017-11113", "CVE-2016-1283", "CVE-2016-6313", "CVE-2016-1837", "CVE-2016-6318", "CVE-2015-3622", "CVE-2016-4448", "CVE-2016-1238", "CVE-2015-8393", "CVE-2016-1838", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-2381", "CVE-2016-7543", "CVE-2017-1000101", "CVE-2016-8622", "CVE-2015-8853", "CVE-2014-7187", "CVE-2015-8394", "CVE-2016-4008", "CVE-2014-9770", "CVE-2015-3217", "CVE-2014-6271", "CVE-2017-7526", "CVE-2016-3191", "CVE-2017-1000366", "CVE-2016-1839", "CVE-2016-8624", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-9047", "CVE-2015-8948", "CVE-2014-7824", "CVE-2015-8842", "CVE-2016-9597", "CVE-2015-5218", "CVE-2016-6303", "CVE-2015-8383", "CVE-2017-1000100", "CVE-2015-8381", "CVE-2016-2182", "CVE-2016-5421", "CVE-2016-9586", "CVE-2015-5073", "CVE-2016-4447", "CVE-2016-5011", "CVE-2015-7511", "CVE-2015-8385", "CVE-2015-8806", "CVE-2016-9841", "CVE-2016-4579", "CVE-2015-0245", "CVE-2016-2037", "CVE-2016-2073", "CVE-2016-5419", "CVE-2015-2328", "CVE-2017-6507", "CVE-2016-4658", "CVE-2016-7167", "CVE-2017-10684", "CVE-2016-2179", "CVE-2016-2106", "CVE-2016-1833", "CVE-2015-8387", "CVE-2016-8621", "CVE-2015-8390", "CVE-2017-9050"], "lastseen": "2017-10-11T05:54:19"}, {"id": "SUSE-SU-2017:2700-1", "type": "suse", "title": "Security update for SLES 12-SP1 Docker image (important)", "description": "The SUSE Linux Enterprise Server 12 SP1 container image has been updated\n to include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 SP1 are now included in the\n base image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n expat:\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n - CVE-2016-7056\n - CVE-2016-8610\n - CVE-2017-3731\n\n cracklib:\n\n - CVE-2016-6318\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n util-linux:\n\n - CVE-2016-5011\n - CVE-2017-2616\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n update-alternatives:\n\n - CVE-2015-0860\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - lua51\n - lvm2\n - netcfg\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - sg3_utils\n - shadow\n - zypper\n\n", "published": "2017-10-11T03:07:32", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html", "cvelist": ["CVE-2016-6262", "CVE-2016-7056", "CVE-2017-7407", "CVE-2015-8388", "CVE-2016-8620", "CVE-2016-8623", "CVE-2017-9233", "CVE-2016-5420", "CVE-2016-9840", "CVE-2016-3705", "CVE-2016-1840", "CVE-2014-0191", "CVE-2016-8615", "CVE-2016-8616", "CVE-2015-5276", "CVE-2015-3210", "CVE-2015-2325", "CVE-2016-6261", "CVE-2016-8619", "CVE-2017-10685", "CVE-2016-6306", "CVE-2016-2183", "CVE-2015-0860", "CVE-2016-2178", "CVE-2015-8391", "CVE-2016-6263", "CVE-2016-2108", "CVE-2016-9063", "CVE-2016-8618", "CVE-2016-1762", "CVE-2016-6302", "CVE-2016-5300", "CVE-2015-8395", "CVE-2016-7141", "CVE-2016-1834", "CVE-2017-11112", "CVE-2016-2177", "CVE-2014-7169", "CVE-2015-8382", "CVE-2016-3627", "CVE-2015-1283", "CVE-2014-6277", "CVE-2016-2105", "CVE-2016-9318", "CVE-2016-4483", "CVE-2016-2107", "CVE-2017-3731", "CVE-2015-8386", "CVE-2014-6278", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-3075", "CVE-2016-8617", "CVE-2016-9842", "CVE-2016-7796", "CVE-2017-2616", "CVE-2016-0634", "CVE-2012-6702", "CVE-2015-3238", "CVE-2016-2180", "CVE-2016-1835", "CVE-2016-0787", "CVE-2016-8610", "CVE-2016-1234", "CVE-2016-0718", "CVE-2016-6185", "CVE-2015-8392", "CVE-2016-4574", "CVE-2015-8389", "CVE-2016-2109", "CVE-2015-8380", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-9048", "CVE-2014-8964", "CVE-2015-2059", "CVE-2017-11113", "CVE-2016-1283", "CVE-2016-6313", "CVE-2016-1837", "CVE-2016-6318", "CVE-2015-3622", "CVE-2016-4448", "CVE-2016-1238", "CVE-2015-8393", "CVE-2016-1838", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-2381", "CVE-2016-7543", "CVE-2017-1000101", "CVE-2016-8622", "CVE-2015-8853", "CVE-2014-7187", "CVE-2015-8394", "CVE-2016-4008", "CVE-2014-9770", "CVE-2015-3217", "CVE-2014-6271", "CVE-2017-7526", "CVE-2016-3191", "CVE-2017-1000366", "CVE-2016-1839", "CVE-2016-8624", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-9047", "CVE-2015-8948", "CVE-2014-7824", "CVE-2015-8842", "CVE-2016-9597", "CVE-2016-6303", "CVE-2015-8383", "CVE-2017-1000100", "CVE-2015-8381", "CVE-2016-2182", "CVE-2016-5421", "CVE-2016-9586", "CVE-2015-5073", "CVE-2016-4447", "CVE-2016-5011", "CVE-2015-7511", "CVE-2015-8385", "CVE-2015-8806", "CVE-2016-9841", "CVE-2016-4579", "CVE-2015-0245", "CVE-2016-2037", "CVE-2016-2073", "CVE-2016-5419", "CVE-2015-2328", "CVE-2017-6507", "CVE-2016-4658", "CVE-2016-7167", "CVE-2017-10684", "CVE-2016-2179", "CVE-2016-2106", "CVE-2016-1833", "CVE-2015-8387", "CVE-2016-8621", "CVE-2015-8390", "CVE-2017-9050"], "lastseen": "2017-10-11T05:54:20"}]}}