DATABASE RESOURCES PRICING ABOUT US

{"id": "FEDORA:37F8D10F892", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 12 Update: nginx-0.7.64-1.fc12", "description": "Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. ", "published": "2009-12-07T07:23:18", "modified": "2009-12-07T07:23:18", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UHSVUSRBUTANVMYX2TBV3MZJDXIORNWW/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "immutableFields": [], "lastseen": "2020-12-21T08:17:49", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "canvas", "idList": ["NGINX"]}, {"type": "centos", "idList": ["CESA-2009:1579", "CESA-2009:1580", "CESA-2010:0162", "CESA-2010:0163", "CESA-2010:0164", "CESA-2010:0165", "CESA-2010:0166", "CESA-2010:0167", "CESA-2010:0339", "CESA-2010:0768"]}, {"type": "cert", "idList": ["VU:120541", "VU:180065"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-0308", "CPAI-2009-425", "CPAI-2010-020", "SBP-2009-23"]}, {"type": "cisco", "idList": ["CISCO-SA-20091105-CVE-2009-3555", "CISCO-SA-20091109-TLS"]}, {"type": "cve", "idList": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896", "CVE-2009-3936"]}, {"type": "debian", "idList": ["DEBIAN:DLA-400-1:76CCE", "DEBIAN:DSA-1884-1:95A85", "DEBIAN:DSA-1934-1:46132", "DEBIAN:DSA-1934-1:699DB", "DEBIAN:DSA-2141-1:1F9CB", "DEBIAN:DSA-2141-1:49345", "DEBIAN:DSA-2141-1:4DDA2", "DEBIAN:DSA-2141-1:7D2D7", "DEBIAN:DSA-2141-2:2C2CF", "DEBIAN:DSA-2141-2:D493B", "DEBIAN:DSA-2141-4:01EC7", "DEBIAN:DSA-2141-4:2215A", "DEBIAN:DSA-2161-2:41E9C", "DEBIAN:DSA-2626-1:B9AE9", "DEBIAN:DSA-3253-1:0C444"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-2629", "DEBIANCVE:CVE-2009-3555", "DEBIANCVE:CVE-2009-3896"]}, {"type": "exploitdb", "idList": ["EDB-ID:10579"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C"]}, {"type": "f5", "idList": ["F5:K10737", "SOL10737"]}, {"type": "fedora", "idList": ["FEDORA:051C71116F9", "FEDORA:071841106DB", "FEDORA:09491110673", "FEDORA:0C0C510F85F", "FEDORA:0FD0F10F8DA", "FEDORA:1B80628EDC8", "FEDORA:300D410F886", "FEDORA:38DF511115F", "FEDORA:3BA3010F892", "FEDORA:4C4E710F878", "FEDORA:4C502110FE5", "FEDORA:5429A1108EB", "FEDORA:5502F10F89D", "FEDORA:58E1828ED7E", "FEDORA:59B0310F861", "FEDORA:611D110F917", "FEDORA:61A8C10FC13", "FEDORA:6A214110D58", "FEDORA:6DE61110C21", "FEDORA:776A61D72B0", "FEDORA:7B89910F87D", "FEDORA:8385C29043", "FEDORA:8A43D110815", "FEDORA:8D2D811080B", "FEDORA:BA663110F8E", "FEDORA:BA97628855", "FEDORA:BBBCA110998", "FEDORA:D3A711119A1", "FEDORA:DB226111816", "FEDORA:E042E10F89C", "FEDORA:E36CC10FA25", "FEDORA:E3F6C10FD89", "FEDORA:E880C1107B8", "FEDORA:F1AD728EDBF"]}, {"type": "fortinet", "idList": ["FG-IR-17-137"]}, {"type": "freebsd", "idList": ["152B27F0-A158-11DE-990C-E5B1D4C882E0", "9CCFEE39-3C3B-11DF-9EDC-000F20797EDE"]}, {"type": "gentoo", "idList": ["GLSA-200909-18", "GLSA-200912-01", "GLSA-201006-18", "GLSA-201110-05", "GLSA-201203-22", "GLSA-201206-18", "GLSA-201301-01", "GLSA-201309-15", "GLSA-201311-13", "GLSA-201406-32"]}, {"type": "githubexploit", "idList": ["ECC3E825-EE29-59D3-BE28-1B30DB15940E"]}, {"type": "hackerone", "idList": ["H1:5617"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2010-0119/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0162/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0339/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0440/"]}, {"type": "mozilla", "idList": ["MFSA2010-22"]}, {"type": "mskb", "idList": ["KB980436"]}, {"type": "nessus", "idList": ["5174.PRM", "5216.PRM", "5349.PRM", "5356.PRM", "5358.PRM", "5494.PRM", "5495.PRM", "5496.PRM", "5556.PRM", "5564.PRM", "5667.PRM", "800554.PRM", "800857.PRM", "801276.PRM", "801278.PRM", "AIX_SSL_ADVISORY.NASL", "APACHE_2_0_64.NASL", "APACHE_2_2_15.NASL", "CENTOS_RHSA-2009-1579.NASL", "CENTOS_RHSA-2009-1580.NASL", "CENTOS_RHSA-2010-0162.NASL", "CENTOS_RHSA-2010-0163.NASL", "CENTOS_RHSA-2010-0164.NASL", "CENTOS_RHSA-2010-0165.NASL", "CENTOS_RHSA-2010-0166.NASL", "CENTOS_RHSA-2010-0167.NASL", "CENTOS_RHSA-2010-0333.NASL", "CENTOS_RHSA-2010-0339.NASL", "CENTOS_RHSA-2010-0768.NASL", "DB2_95FP6.NASL", "DB2_97FP2.NASL", "DB2_9FP9.NASL", "DEBIAN_DLA-400.NASL", "DEBIAN_DSA-1884.NASL", "DEBIAN_DSA-1934.NASL", "DEBIAN_DSA-2141.NASL", "DEBIAN_DSA-2626.NASL", "DEBIAN_DSA-3253.NASL", "EULEROS_SA-2019-1547.NASL", "F5_BIGIP_SOL10737.NASL", "FEDORA_2009-12229.NASL", "FEDORA_2009-12305.NASL", "FEDORA_2009-12604.NASL", "FEDORA_2009-12606.NASL", "FEDORA_2009-12750.NASL", "FEDORA_2009-12775.NASL", "FEDORA_2009-12782.NASL", "FEDORA_2009-12968.NASL", "FEDORA_2009-13236.NASL", "FEDORA_2009-13250.NASL", "FEDORA_2009-9630.NASL", "FEDORA_2009-9652.NASL", "FEDORA_2010-1127.NASL", "FEDORA_2010-16240.NASL", "FEDORA_2010-16294.NASL", "FEDORA_2010-16312.NASL", "FEDORA_2010-3905.NASL", "FEDORA_2010-3929.NASL", "FEDORA_2010-3956.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2010-5942.NASL", "FEDORA_2010-6025.NASL", "FEDORA_2010-6039.NASL", "FEDORA_2010-6131.NASL", "FEDORA_2010-6279.NASL", "FEDORA_2010-8742.NASL", "FEDORA_2010-9487.NASL", "FEDORA_2010-9518.NASL", "FORTIOS_FG-IR-17-137.NASL", "FREEBSD_PKG_152B27F0A15811DE990CE5B1D4C882E0.NASL", "FREEBSD_PKG_9CCFEE393C3B11DF9EDC000F20797EDE.NASL", "GENTOO_GLSA-200909-18.NASL", "GENTOO_GLSA-200912-01.NASL", "GENTOO_GLSA-201006-18.NASL", "GENTOO_GLSA-201110-05.NASL", "GENTOO_GLSA-201203-22.NASL", "GENTOO_GLSA-201206-18.NASL", "GENTOO_GLSA-201301-01.NASL", "GENTOO_GLSA-201309-15.NASL", "GENTOO_GLSA-201311-13.NASL", "GENTOO_GLSA-201406-32.NASL", "HPSMH_6_1_0_102.NASL", "HPSMH_6_2_0_12.NASL", "HP_SYSTEMS_INSIGHT_MANAGER_700_MULTIPLE_VULNS.NASL", "IIS_7_PCI.NASL", "MACOSX_JAVA_10_5_UPDATE7.NASL", "MACOSX_JAVA_10_5_UPDATE8.NASL", "MACOSX_JAVA_10_6_UPDATE2.NASL", "MACOSX_JAVA_10_6_UPDATE3.NASL", "MACOSX_SECUPD2010-001.NASL", "MANDRIVA_MDVSA-2009-295.NASL", "MANDRIVA_MDVSA-2009-323.NASL", "MANDRIVA_MDVSA-2009-337.NASL", "MANDRIVA_MDVSA-2010-069.NASL", "MANDRIVA_MDVSA-2010-076.NASL", "MANDRIVA_MDVSA-2010-084.NASL", "MOZILLA_FIREFOX_359.NASL", "MOZILLA_FIREFOX_362.NASL", "MOZILLA_THUNDERBIRD_304.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0118_HTTPD.NASL", "NGINX_0_7_64.NASL", "NGINX_HTTP_REQUEST_BUFFER_OVERFLOW.NASL", "OPENOFFICE_321.NASL", "OPENSSL_0_9_8M.NASL", "OPERA_1050.NASL", "ORACLELINUX_ELSA-2009-1579.NASL", "ORACLELINUX_ELSA-2009-1580.NASL", "ORACLELINUX_ELSA-2010-0162.NASL", "ORACLELINUX_ELSA-2010-0163.NASL", "ORACLELINUX_ELSA-2010-0164.NASL", "ORACLELINUX_ELSA-2010-0165.NASL", "ORACLELINUX_ELSA-2010-0166.NASL", "ORACLELINUX_ELSA-2010-0167.NASL", "ORACLELINUX_ELSA-2010-0333.NASL", "ORACLELINUX_ELSA-2010-0339.NASL", "ORACLELINUX_ELSA-2010-0768.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLE_JAVA_CPU_MAR_2010.NASL", "ORACLE_JAVA_CPU_MAR_2010_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2010.NASL", "ORACLE_JAVA_CPU_OCT_2010_UNIX.NASL", "ORACLE_RDBMS_CPU_APR_2011.NASL", "REDHAT-RHSA-2009-1579.NASL", "REDHAT-RHSA-2009-1580.NASL", "REDHAT-RHSA-2009-1694.NASL", "REDHAT-RHSA-2010-0130.NASL", "REDHAT-RHSA-2010-0155.NASL", "REDHAT-RHSA-2010-0162.NASL", "REDHAT-RHSA-2010-0163.NASL", "REDHAT-RHSA-2010-0164.NASL", "REDHAT-RHSA-2010-0165.NASL", "REDHAT-RHSA-2010-0166.NASL", "REDHAT-RHSA-2010-0167.NASL", "REDHAT-RHSA-2010-0333.NASL", "REDHAT-RHSA-2010-0337.NASL", "REDHAT-RHSA-2010-0338.NASL", "REDHAT-RHSA-2010-0339.NASL", "REDHAT-RHSA-2010-0768.NASL", "REDHAT-RHSA-2010-0770.NASL", "REDHAT-RHSA-2010-0786.NASL", "REDHAT-RHSA-2010-0807.NASL", "REDHAT-RHSA-2010-0865.NASL", "REDHAT-RHSA-2010-0987.NASL", "REDHAT-RHSA-2011-0880.NASL", "SEAMONKEY_204.NASL", "SLACKWARE_SSA_2009-320-01.NASL", "SLACKWARE_SSA_2010-067-01.NASL", "SL_20091111_HTTPD_ON_SL3_X.NASL", "SL_20100325_GNUTLS_ON_SL4_X.NASL", "SL_20100325_NSS_ON_SL4_X.NASL", "SL_20100325_OPENSSL097A_ON_SL5_X.NASL", "SL_20100325_OPENSSL_ON_SL3_X.NASL", "SL_20100325_OPENSSL_ON_SL5_X.NASL", "SL_20100331_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20100331_JAVA__JDK_1_6_0__ON_SL4_X.NASL", "SL_20101013_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20101014_JAVA__JDK_1_6_0__ON_SL4_X.NASL", "SL_20101110_JAVA_1_6_0_OPENJDK_ON_SL6_X.NASL", "SMB_NT_MS10-049.NASL", "SOLARIS10_125437-22.NASL", "SOLARIS10_125437.NASL", "SOLARIS10_128640-30.NASL", "SOLARIS10_128640.NASL", "SOLARIS10_143140-04.NASL", "SOLARIS10_145102-01.NASL", "SOLARIS10_X86_125438-22.NASL", "SOLARIS10_X86_125438.NASL", "SOLARIS10_X86_128641-30.NASL", "SOLARIS10_X86_128641.NASL", "SOLARIS10_X86_141525-10.NASL", "SOLARIS8_125437.NASL", "SOLARIS9_125437.NASL", "SOLARIS9_128640.NASL", "SOLARIS9_X86_125438.NASL", "SOLARIS9_X86_128641.NASL", "SSL_RENEGOTIATION.NASL", "SUSE9_12550.NASL", "SUSE9_12606.NASL", "SUSE9_12621.NASL", "SUSE9_12623.NASL", "SUSE9_12658.NASL", "SUSE9_12659.NASL", "SUSE9_12705.NASL", "SUSE_11_0_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_0_FIREFOX35UPGRADE-100407.NASL", "SUSE_11_0_JAVA-1_6_0-OPENJDK-100428.NASL", "SUSE_11_0_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_0_LIBFREEBL3-100407.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_0_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_1_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_1_FIREFOX35UPGRADE-100407.NASL", "SUSE_11_1_GNUTLS-101025.NASL", "SUSE_11_1_GNUTLS-101206.NASL", "SUSE_11_1_JAVA-1_6_0-OPENJDK-100428.NASL", "SUSE_11_1_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_1_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_1_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_1_LIBFREEBL3-100407.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-100331.NASL", "SUSE_11_1_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_1_MOZILLAFIREFOX-BRANDING-OPENSUSE-100413.NASL", "SUSE_11_2_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_2_GNUTLS-101025.NASL", "SUSE_11_2_GNUTLS-101206.NASL", "SUSE_11_2_JAVA-1_6_0-OPENJDK-100412.NASL", "SUSE_11_2_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_2_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_2_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_2_LIBFREEBL3-100406.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-091113.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-100401.NASL", "SUSE_11_2_MOZILLAFIREFOX-100412.NASL", "SUSE_11_2_MOZILLATHUNDERBIRD-100406.NASL", "SUSE_11_2_SEAMONKEY-100406.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_3_GNUTLS-101025.NASL", "SUSE_11_3_GNUTLS-101206.NASL", "SUSE_11_3_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_3_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_GNUTLS-101206.NASL", "SUSE_11_JAVA-1_4_2-IBM-100510.NASL", "SUSE_11_JAVA-1_4_2-IBM-101112.NASL", "SUSE_11_JAVA-1_6_0-IBM-101220.NASL", "SUSE_11_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_LIBFREEBL3-100406.NASL", "SUSE_11_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_LIBOPENSSL-DEVEL-100331.NASL", "SUSE_11_MOZILLA-XULRUNNER190-100406.NASL", "SUSE_11_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_MOZILLAFIREFOX-100406.NASL", "SUSE_11_MOZILLAFIREFOX-100407.NASL", "SUSE_COMPAT-OPENSSL097G-6656.NASL", "SUSE_COMPAT-OPENSSL097G-6657.NASL", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_GNUTLS-7299.NASL", "SUSE_JAVA-1_4_2-IBM-7036.NASL", "SUSE_JAVA-1_4_2-IBM-7231.NASL", "SUSE_JAVA-1_5_0-IBM-7077.NASL", "SUSE_JAVA-1_5_0-IBM-7205.NASL", "SUSE_JAVA-1_6_0-IBM-7312.NASL", "SUSE_JAVA-1_6_0-SUN-7204.NASL", "SUSE_MOZILLA-NSPR-6977.NASL", "SUSE_MOZILLA-NSS-6978.NASL", "SUSE_MOZILLA-XULRUNNER190-6971.NASL", "SUSE_MOZILLA-XULRUNNER190-6976.NASL", "SUSE_MOZILLAFIREFOX-6970.NASL", "SUSE_MOZILLAFIREFOX-6979.NASL", "SUSE_OPENSSL-6654.NASL", "SUSE_OPENSSL-6655.NASL", "SUSE_OPENSSL-6943.NASL", "SUSE_OPENSSL-6944.NASL", "UBUNTU_USN-1010-1.NASL", "UBUNTU_USN-860-1.NASL", "UBUNTU_USN-923-1.NASL", "UBUNTU_USN-927-1.NASL", "UBUNTU_USN-927-4.NASL", "UBUNTU_USN-927-6.NASL", "UBUNTU_USN-990-1.NASL", "UBUNTU_USN-990-2.NASL", "VMWARE_VMSA-2010-0015.NASL", "VMWARE_VMSA-2010-0015_REMOTE.NASL", "VMWARE_VMSA-2010-0019.NASL", "VMWARE_VMSA-2010-0019_REMOTE.NASL", "VMWARE_VMSA-2011-0003.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL"]}, {"type": "nginx", "idList": ["NGINX:CVE-2009-2629", "NGINX:CVE-2009-3555", "NGINX:CVE-2009-3896"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2009-3555"]}, {"type": "openvas", "idList": ["OPENVAS:100276", "OPENVAS:100321", "OPENVAS:102020", "OPENVAS:102045", "OPENVAS:102047", "OPENVAS:103454", "OPENVAS:1361412562310100276", "OPENVAS:1361412562310100321", "OPENVAS:1361412562310102020", "OPENVAS:1361412562310102045", "OPENVAS:1361412562310102047", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310121000", "OPENVAS:1361412562310121029", "OPENVAS:1361412562310121072", "OPENVAS:1361412562310121235", "OPENVAS:1361412562310122310", "OPENVAS:1361412562310122367", "OPENVAS:1361412562310122380", "OPENVAS:1361412562310122381", "OPENVAS:1361412562310122382", "OPENVAS:1361412562310122383", "OPENVAS:1361412562310122420", "OPENVAS:136141256231064869", "OPENVAS:136141256231064894", "OPENVAS:136141256231064911", "OPENVAS:136141256231064912", "OPENVAS:136141256231064924", "OPENVAS:136141256231066240", "OPENVAS:136141256231066241", "OPENVAS:136141256231066270", "OPENVAS:136141256231066274", "OPENVAS:136141256231066275", "OPENVAS:136141256231066278", "OPENVAS:136141256231066279", "OPENVAS:136141256231066285", "OPENVAS:136141256231066302", "OPENVAS:136141256231066310", "OPENVAS:136141256231066353", "OPENVAS:136141256231066414", "OPENVAS:136141256231066449", "OPENVAS:136141256231066450", "OPENVAS:136141256231066451", "OPENVAS:136141256231066497", "OPENVAS:136141256231066498", "OPENVAS:136141256231066517", "OPENVAS:136141256231066557", "OPENVAS:136141256231066562", "OPENVAS:136141256231066563", "OPENVAS:136141256231066583", "OPENVAS:136141256231066585", "OPENVAS:136141256231067045", "OPENVAS:136141256231067218", "OPENVAS:136141256231068998", "OPENVAS:136141256231069021", "OPENVAS:1361412562310703253", "OPENVAS:136141256231070768", "OPENVAS:136141256231071308", "OPENVAS:136141256231071585", "OPENVAS:1361412562310800466", "OPENVAS:1361412562310800499", "OPENVAS:1361412562310800500", "OPENVAS:1361412562310801636", "OPENVAS:1361412562310830893", "OPENVAS:1361412562310830906", "OPENVAS:1361412562310830920", "OPENVAS:1361412562310830934", "OPENVAS:1361412562310830970", "OPENVAS:1361412562310830981", "OPENVAS:1361412562310830984", "OPENVAS:1361412562310831003", "OPENVAS:1361412562310831006", "OPENVAS:1361412562310831014", "OPENVAS:1361412562310835229", "OPENVAS:1361412562310835234", "OPENVAS:1361412562310835246", "OPENVAS:1361412562310840411", "OPENVAS:1361412562310840416", "OPENVAS:1361412562310840453", "OPENVAS:1361412562310840455", "OPENVAS:1361412562310840468", "OPENVAS:1361412562310840504", "OPENVAS:1361412562310840505", "OPENVAS:1361412562310840527", "OPENVAS:1361412562310850131", "OPENVAS:1361412562310850607", "OPENVAS:1361412562310861695", "OPENVAS:1361412562310861746", "OPENVAS:1361412562310861798", "OPENVAS:1361412562310861861", "OPENVAS:1361412562310861862", "OPENVAS:1361412562310861878", "OPENVAS:1361412562310861929", "OPENVAS:1361412562310861956", "OPENVAS:1361412562310862126", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310862163", "OPENVAS:1361412562310862184", "OPENVAS:1361412562310862207", "OPENVAS:1361412562310862464", "OPENVAS:1361412562310862470", "OPENVAS:1361412562310862519", "OPENVAS:1361412562310862546", "OPENVAS:1361412562310862568", "OPENVAS:1361412562310862628", "OPENVAS:1361412562310870235", "OPENVAS:1361412562310870236", "OPENVAS:1361412562310870237", "OPENVAS:1361412562310870238", "OPENVAS:1361412562310870240", "OPENVAS:1361412562310870243", "OPENVAS:1361412562310870250", "OPENVAS:1361412562310870340", "OPENVAS:1361412562310880380", "OPENVAS:1361412562310880382", "OPENVAS:1361412562310880385", "OPENVAS:1361412562310880386", "OPENVAS:1361412562310880601", "OPENVAS:1361412562310880611", "OPENVAS:1361412562310880612", "OPENVAS:1361412562310880630", "OPENVAS:1361412562310880641", "OPENVAS:1361412562310880658", "OPENVAS:1361412562310880691", "OPENVAS:1361412562310880706", "OPENVAS:1361412562310880739", "OPENVAS:1361412562310892626", "OPENVAS:1361412562310900247", "OPENVAS:1361412562311220191547", "OPENVAS:64869", "OPENVAS:64894", "OPENVAS:64911", "OPENVAS:64912", "OPENVAS:64924", "OPENVAS:66240", "OPENVAS:66241", "OPENVAS:66270", "OPENVAS:66274", "OPENVAS:66275", "OPENVAS:66278", "OPENVAS:66279", "OPENVAS:66285", "OPENVAS:66302", "OPENVAS:66310", "OPENVAS:66353", "OPENVAS:66414", "OPENVAS:66449", "OPENVAS:66450", "OPENVAS:66451", "OPENVAS:66497", "OPENVAS:66498", "OPENVAS:66517", "OPENVAS:66557", "OPENVAS:66562", "OPENVAS:66563", "OPENVAS:66583", "OPENVAS:66585", "OPENVAS:67045", "OPENVAS:67218", "OPENVAS:68998", "OPENVAS:69021", "OPENVAS:703253", "OPENVAS:70768", "OPENVAS:71308", "OPENVAS:71585", "OPENVAS:800466", "OPENVAS:800499", "OPENVAS:830893", "OPENVAS:830906", "OPENVAS:830920", "OPENVAS:830934", "OPENVAS:830970", "OPENVAS:830981", "OPENVAS:830984", "OPENVAS:831003", "OPENVAS:831006", "OPENVAS:831014", "OPENVAS:835229", "OPENVAS:835234", "OPENVAS:835246", "OPENVAS:840411", "OPENVAS:840416", "OPENVAS:840453", "OPENVAS:840455", "OPENVAS:840468", "OPENVAS:840504", "OPENVAS:840505", "OPENVAS:840527", "OPENVAS:850131", "OPENVAS:861695", "OPENVAS:861746", "OPENVAS:861798", "OPENVAS:861861", "OPENVAS:861862", "OPENVAS:861878", "OPENVAS:861929", "OPENVAS:861956", "OPENVAS:862126", "OPENVAS:862152", "OPENVAS:862163", "OPENVAS:862184", "OPENVAS:862207", "OPENVAS:862464", "OPENVAS:862470", "OPENVAS:862519", "OPENVAS:862546", "OPENVAS:862568", "OPENVAS:862628", "OPENVAS:870235", "OPENVAS:870236", "OPENVAS:870237", "OPENVAS:870238", "OPENVAS:870240", "OPENVAS:870243", "OPENVAS:870250", "OPENVAS:870340", "OPENVAS:880380", "OPENVAS:880382", "OPENVAS:880385", "OPENVAS:880386", "OPENVAS:880601", "OPENVAS:880611", "OPENVAS:880612", "OPENVAS:880630", "OPENVAS:880641", "OPENVAS:880658", "OPENVAS:880691", "OPENVAS:880706", "OPENVAS:880739", "OPENVAS:892626", "OPENVAS:900247"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2011-301950", "ORACLE:CPUJAN2011-194091", "ORACLE:CPUJUL2010-155308", "ORACLE:CPUOCT2010-175626"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1579", "ELSA-2009-1580", "ELSA-2010-0162", "ELSA-2010-0163", "ELSA-2010-0164", "ELSA-2010-0165", "ELSA-2010-0166", "ELSA-2010-0167", "ELSA-2010-0339", "ELSA-2010-0768", "ELSA-2015-3022", "ELSA-2019-4581", "ELSA-2019-4747"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:84112"]}, {"type": "redhat", "idList": ["RHSA-2009:1579", "RHSA-2009:1580", "RHSA-2009:1694", "RHSA-2010:0011", "RHSA-2010:0119", "RHSA-2010:0130", "RHSA-2010:0155", "RHSA-2010:0162", "RHSA-2010:0163", "RHSA-2010:0164", "RHSA-2010:0165", "RHSA-2010:0166", "RHSA-2010:0167", "RHSA-2010:0337", "RHSA-2010:0338", "RHSA-2010:0339", "RHSA-2010:0408", "RHSA-2010:0440", "RHSA-2010:0768", "RHSA-2010:0770", "RHSA-2010:0786", "RHSA-2010:0807", "RHSA-2010:0865", "RHSA-2010:0986", "RHSA-2010:0987", "RHSA-2011:0880", "RHSA-2015:1591"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22466", "SECURITYVULNS:DOC:22763", "SECURITYVULNS:DOC:22777", "SECURITYVULNS:DOC:22982", "SECURITYVULNS:DOC:23220", "SECURITYVULNS:DOC:23561", "SECURITYVULNS:DOC:23588", "SECURITYVULNS:DOC:23678", "SECURITYVULNS:DOC:23750", "SECURITYVULNS:DOC:23890", "SECURITYVULNS:DOC:24227", "SECURITYVULNS:DOC:24282", "SECURITYVULNS:DOC:24448", "SECURITYVULNS:DOC:24771", "SECURITYVULNS:DOC:24895", "SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:30023", "SECURITYVULNS:VULN:10238", "SECURITYVULNS:VULN:10388", "SECURITYVULNS:VULN:10745", "SECURITYVULNS:VULN:10790", "SECURITYVULNS:VULN:10999", "SECURITYVULNS:VULN:11198", "SECURITYVULNS:VULN:11380", "SECURITYVULNS:VULN:11620", "SECURITYVULNS:VULN:13422", "SECURITYVULNS:VULN:9726"]}, {"type": "seebug", "idList": ["SSV:12337", "SSV:12600", "SSV:12673", "SSV:14982", "SSV:15088", "SSV:18637", "SSV:67231"]}, {"type": "slackware", "idList": ["SSA-2009-320-01", "SSA-2010-067-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "OPENSUSE-SU-2014:1100-1", "SUSE-SA:2009:057", "SUSE-SA:2010:020", "SUSE-SA:2010:021", "SUSE-SA:2010:028", "SUSE-SA:2010:061", "SUSE-SA:2011:006", "SUSE-SU-2011:0847-1"]}, {"type": "threatpost", "idList": ["THREATPOST:D533EB88E7D7596BACF9A448FE23A374"]}, {"type": "ubuntu", "idList": ["USN-1010-1", "USN-860-1", "USN-923-1", "USN-927-1", "USN-927-4", "USN-927-6", "USN-990-1", "USN-990-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2629", "UB:CVE-2009-3555", "UB:CVE-2009-3896"]}, {"type": "vmware", "idList": ["VMSA-2010-0015", "VMSA-2010-0015.1", "VMSA-2010-0019", "VMSA-2010-0019.3"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:967", "VULNERLAB:967"]}]}, "score": {"value": 6.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "canvas", "idList": ["NGINX"]}, {"type": "centos", "idList": ["CESA-2009:1579", "CESA-2009:1580", "CESA-2010:0162", "CESA-2010:0163", "CESA-2010:0164", "CESA-2010:0165", "CESA-2010:0166", "CESA-2010:0167", "CESA-2010:0339", "CESA-2010:0768"]}, {"type": "cert", "idList": ["VU:120541"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-0308"]}, {"type": "cisco", "idList": ["CISCO-SA-20091105-CVE-2009-3555"]}, {"type": "cve", "idList": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"]}, {"type": "debian", "idList": ["DEBIAN:DLA-400-1:76CCE", "DEBIAN:DSA-1934-1:699DB", "DEBIAN:DSA-2141-1:1F9CB", "DEBIAN:DSA-2141-4:01EC7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-3555"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C"]}, {"type": "f5", "idList": ["SOL10737"]}, {"type": "fedora", "idList": ["FEDORA:300D410F886", "FEDORA:F1AD728EDBF"]}, {"type": "freebsd", "idList": ["152B27F0-A158-11DE-990C-E5B1D4C882E0", "9CCFEE39-3C3B-11DF-9EDC-000F20797EDE"]}, {"type": "gentoo", "idList": ["GLSA-201006-18"]}, {"type": "githubexploit", "idList": ["ECC3E825-EE29-59D3-BE28-1B30DB15940E"]}, {"type": "hackerone", "idList": ["H1:5617"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2010-0162/"]}, {"type": "mozilla", "idList": ["MFSA2010-22"]}, {"type": "nessus", "idList": ["5174.PRM", "5356.PRM", "CENTOS_RHSA-2010-0164.NASL", "CENTOS_RHSA-2010-0166.NASL", "CENTOS_RHSA-2010-0768.NASL", "FEDORA_2009-12229.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2010-6039.NASL", "FEDORA_2010-6131.NASL", "GENTOO_GLSA-200912-01.NASL", "MACOSX_JAVA_10_5_UPDATE7.NASL", "MANDRIVA_MDVSA-2009-323.NASL", "MANDRIVA_MDVSA-2010-076.NASL", "MOZILLA_THUNDERBIRD_304.NASL", "NGINX_HTTP_REQUEST_BUFFER_OVERFLOW.NASL", "OPERA_1050.NASL", "ORACLELINUX_ELSA-2010-0333.NASL", "REDHAT-RHSA-2009-1580.NASL", "REDHAT-RHSA-2010-0338.NASL", "REDHAT-RHSA-2011-0880.NASL", "SEAMONKEY_204.NASL", "SL_20101013_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SOLARIS10_145102-01.NASL", "SOLARIS8_125437.NASL", "SUSE_11_0_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_1_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_2_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_2_MOZILLATHUNDERBIRD-100406.NASL", "SUSE_11_2_SEAMONKEY-100406.NASL", "SUSE_11_MOZILLA-XULRUNNER190-100406.NASL", "SUSE_COMPAT-OPENSSL097G-6657.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_OPENSSL-6654.NASL", "UBUNTU_USN-990-1.NASL"]}, {"type": "nginx", "idList": ["NGINX:CVE-2009-2629", "NGINX:CVE-2009-3896"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2009-3555"]}, {"type": "openvas", "idList": ["OPENVAS:102047", "OPENVAS:1361412562310102020", "OPENVAS:1361412562310122380", "OPENVAS:1361412562310122381", "OPENVAS:1361412562310122382", "OPENVAS:136141256231064912", "OPENVAS:136141256231066240", "OPENVAS:136141256231066275", "OPENVAS:136141256231066302", "OPENVAS:136141256231066414", "OPENVAS:136141256231066450", "OPENVAS:136141256231066517", "OPENVAS:136141256231066557", "OPENVAS:136141256231066563", "OPENVAS:1361412562310800499", "OPENVAS:1361412562310830934", "OPENVAS:1361412562310840416", "OPENVAS:1361412562310862519", "OPENVAS:1361412562310870236", "OPENVAS:1361412562310870238", "OPENVAS:1361412562310880611", "OPENVAS:1361412562310880658", "OPENVAS:64894", "OPENVAS:66414", "OPENVAS:67218", "OPENVAS:703253", "OPENVAS:861695", "OPENVAS:862470", "OPENVAS:870243", "OPENVAS:880612", "OPENVAS:880630"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2011-194091"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1579", "ELSA-2010-0164", "ELSA-2010-0166", "ELSA-2010-0339", "ELSA-2010-0768"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:84112"]}, {"type": "redhat", "idList": ["RHSA-2010:0986"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10238"]}, {"type": "seebug", "idList": ["SSV:12600"]}, {"type": "slackware", "idList": ["SSA-2009-320-01"]}, {"type": "suse", "idList": ["SUSE-SA:2010:061"]}, {"type": "threatpost", "idList": ["THREATPOST:D533EB88E7D7596BACF9A448FE23A374"]}, {"type": "ubuntu", "idList": ["USN-1010-1", "USN-860-1", "USN-923-1", "USN-927-1", "USN-927-4", "USN-927-6", "USN-990-1", "USN-990-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-3896"]}, {"type": "vmware", "idList": ["VMSA-2010-0019.3"]}, {"type": "vulnerlab", "idList": ["VULNERLAB:967"]}]}, "exploitation": null, "vulnersScore": 6.7}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "12", "arch": "any", "packageName": "nginx", "packageVersion": "0.7.64", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"openvas": [{"lastseen": "2018-04-06T11:38:43", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12775.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-12775 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066450", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066450", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12775.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12775 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- update to 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- update to 0.7.63\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12775\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12775.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66450\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12775 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:34", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12775.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-12775 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66450", "href": "http://plugins.openvas.org/nasl.php?oid=66450", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12775.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12775 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- update to 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- update to 0.7.63\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12775\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12775.\";\n\n\n\nif(description)\n{\n script_id(66450);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12775 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:51", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12750.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12750 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66449", "href": "http://plugins.openvas.org/nasl.php?oid=66449", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12750.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12750 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- Update to new stable 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- Update to new stable 0.7.63\n- reinstate zlib dependency\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12750\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12750.\";\n\n\n\nif(description)\n{\n script_id(66449);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3896\", \"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12750 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:34", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12750.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12750 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066449", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066449", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12750.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12750 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- Update to new stable 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- Update to new stable 0.7.63\n- reinstate zlib dependency\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12750\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12750.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66449\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3896\", \"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12750 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:24", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12782.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-12782 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066451", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066451", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12782.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12782 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- update to 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- update to 0.7.63\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12782\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12782.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66451\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12782 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:27", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12782.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-12782 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-2629", "CVE-2009-3896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66451", "href": "http://plugins.openvas.org/nasl.php?oid=66451", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12782.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12782 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1\n- update to 0.7.64\n* Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1\n- update to 0.7.63\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12782\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-12782.\";\n\n\n\nif(description)\n{\n script_id(66451);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12782 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=539573\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.64~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.64~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:16", "description": "The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on\nuser-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the\ncontext of the affected application. Failed exploit attempts will\nresult in a denial-of-service condition.", "cvss3": {}, "published": "2009-10-28T00:00:00", "type": "openvas", "title": "nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3896"], "modified": "2017-01-13T00:00:00", "id": "OPENVAS:100321", "href": "http://plugins.openvas.org/nasl.php?oid=100321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nginx_36839.nasl 5002 2017-01-13 10:17:13Z teissa $\n#\n# nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on\nuser-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the\ncontext of the affected application. Failed exploit attempts will\nresult in a denial-of-service condition.\";\n\ntag_solution = \"Updates are available. Please see the references for more information.\";\n\nif (description)\n{\n script_id(100321);\n script_version(\"$Revision: 5002 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-13 11:17:13 +0100 (Fri, 13 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-28 11:13:14 +0100 (Wed, 28 Oct 2009)\");\n script_cve_id(\"CVE-2009-3896\");\n script_bugtraq_id(36839);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_name(\"nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability\");\n\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/36839\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/\");\n script_xref(name : \"URL\" , value : \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552035\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"nginx_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"nginx/installed\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\n\nport = get_http_port(default:80);\nif(!get_port_state(port))exit(0);\n\nif(!vers = get_kb_item(string(\"nginx/\", port, \"/version\")))exit(0);\nif(!isnull(vers) && vers >!< \"unknown\") {\n\n\n if(version_in_range(version:vers, test_version:\"0.7\", test_version2: \"0.7.61\") ||\n version_in_range(version:vers, test_version:\"0.6\", test_version2: \"0.6.38\") ||\n version_in_range(version:vers, test_version:\"0.5\", test_version2: \"0.5.37\") ||\n version_in_range(version:vers, test_version:\"0.4\", test_version2: \"0.4.14\")) {\n\n security_message(port:port);\n\n }\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:16", "description": "The ", "cvss3": {}, "published": "2009-10-28T00:00:00", "type": "openvas", "title": "nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3896"], "modified": "2019-02-26T00:00:00", "id": "OPENVAS:1361412562310100321", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nginx_36839.nasl 13859 2019-02-26 05:27:33Z ckuersteiner $\n#\n# nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:nginx:nginx\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100321\");\n script_version(\"$Revision: 13859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-26 06:27:33 +0100 (Tue, 26 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-28 11:13:14 +0100 (Wed, 28 Oct 2009)\");\n script_cve_id(\"CVE-2009-3896\");\n script_bugtraq_id(36839);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_name(\"nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/36839\");\n script_xref(name:\"URL\", value:\"http://nginx.net/\");\n script_xref(name:\"URL\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552035\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"nginx_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"nginx/installed\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on user-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed\nexploit attempts will result in a denial-of-service condition.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version:version, test_version:\"0.7\", test_version2: \"0.7.61\") ||\n version_in_range(version:version, test_version:\"0.6\", test_version2: \"0.6.38\") ||\n version_in_range(version:version, test_version:\"0.5\", test_version2: \"0.5.37\") ||\n version_in_range(version:version, test_version:\"0.4\", test_version2: \"0.4.14\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"See advisory\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:06", "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-22.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-22 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3898", "CVE-2009-3555", "CVE-2011-4315", "CVE-2009-3896", "CVE-2012-1180"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71308", "href": "http://plugins.openvas.org/nasl.php?oid=71308", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in nginx, the worst of\n which may allow execution of arbitrary code.\";\ntag_solution = \"All nginx users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-1.0.14'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-22\nhttp://bugs.gentoo.org/show_bug.cgi?id=293785\nhttp://bugs.gentoo.org/show_bug.cgi?id=293786\nhttp://bugs.gentoo.org/show_bug.cgi?id=293788\nhttp://bugs.gentoo.org/show_bug.cgi?id=389319\nhttp://bugs.gentoo.org/show_bug.cgi?id=408367\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201203-22.\";\n\n \n \nif(description)\n{\n script_id(71308);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3896\", \"CVE-2009-3898\", \"CVE-2011-4315\", \"CVE-2012-1180\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:57 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-22 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-servers/nginx\", unaffected: make_list(\"ge 1.0.14\"), vulnerable: make_list(\"lt 1.0.14\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-22.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-22 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3898", "CVE-2009-3555", "CVE-2011-4315", "CVE-2009-3896", "CVE-2012-1180"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071308", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201203_22.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71308\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3896\", \"CVE-2009-3898\", \"CVE-2011-4315\", \"CVE-2012-1180\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:57 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-22 (nginx)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in nginx, the worst of\n which may allow execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All nginx users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-1.0.14'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-22\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=293785\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=293786\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=293788\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=389319\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=408367\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201203-22.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-servers/nginx\", unaffected: make_list(\"ge 1.0.14\"), vulnerable: make_list(\"lt 1.0.14\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:56", "description": "The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on\nuser-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the\ncontext of the affected application. Failed exploit attempts will\nresult in a denial-of-service condition.", "cvss3": {}, "published": "2009-10-01T00:00:00", "type": "openvas", "title": "nginx HTTP Request Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2017-01-13T00:00:00", "id": "OPENVAS:100276", "href": "http://plugins.openvas.org/nasl.php?oid=100276", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nginx_36384.nasl 5002 2017-01-13 10:17:13Z teissa $\n#\n# nginx HTTP Request Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on\nuser-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the\ncontext of the affected application. Failed exploit attempts will\nresult in a denial-of-service condition.\";\n\ntag_solution = \"Updates are available. Please see the references for more information.\";\n\nif (description)\n{\n script_id(100276);\n script_version(\"$Revision: 5002 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-13 11:17:13 +0100 (Fri, 13 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-01 18:57:31 +0200 (Thu, 01 Oct 2009)\");\n script_bugtraq_id(36384);\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_name(\"nginx HTTP Request Remote Buffer Overflow Vulnerability\");\n\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/36384\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/CHANGES-0.5\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/CHANGES-0.6\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/CHANGES-0.7\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/CHANGES\");\n script_xref(name : \"URL\" , value : \"http://nginx.net/\");\n script_xref(name : \"URL\" , value : \"http://www.kb.cert.org/vuls/id/180065\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"nginx_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"nginx/installed\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\n\nport = get_http_port(default:80);\nif(!get_port_state(port))exit(0);\n\nif(!vers = get_kb_item(string(\"nginx/\", port, \"/version\")))exit(0);\nif(!isnull(vers) && vers >!< \"unknown\") {\n\n if(\n version_is_less(version: vers, test_version:\"0.5.38\") ||\n version_in_range(version:vers, test_version:\"0.6\", test_version2:\"0.6.38\") ||\n version_in_range(version:vers, test_version:\"0.7\", test_version2:\"0.7.61\") ||\n version_in_range(version:vers, test_version:\"0.8\", test_version2:\"0.8.14\")\n ) {\n\n security_message(port:port);\n exit(0);\n }\n\n}\n\nexit(0); \n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 200909-18.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200909-18 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64924", "href": "http://plugins.openvas.org/nasl.php?oid=64924", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer underflow vulnerability in the request URI processing of nginx\n might enable remote attackers to execute arbitrary code or cause a\nDenial\n of Service.\";\ntag_solution = \"All nginx 0.5.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.5.38\n\nAll nginx 0.6.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.6.39\n\nAll nginx 0.7.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.7.62\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200909-18\nhttp://bugs.gentoo.org/show_bug.cgi?id=285162\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200909-18.\";\n\n \n \n\nif(description)\n{\n script_id(64924);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200909-18 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-servers/nginx\", unaffected: make_list(\"rge 0.5.38\", \"rge 0.6.39\", \"ge 0.7.62\"), vulnerable: make_list(\"lt 0.7.62\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:33", "description": "The remote host is missing an update to nginx\nannounced via advisory DSA 1884-1.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1884-1 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064869", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064869", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1884_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1884-1 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Chris Ries discovered that nginx, a high-performance HTTP server, reverse\nproxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when\nprocessing certain HTTP requests. An attacker can use this to execute\narbitrary code with the rights of the worker process (www-data on Debian)\nor possibly perform denial of service attacks by repeatedly crashing\nworker processes via a specially crafted URL in an HTTP request.\n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 0.4.13-2+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.6.32-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.7.61-3.\n\n\nWe recommend that you upgrade your nginx packages.\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory DSA 1884-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201884-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64869\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1884-1 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.4.13-2+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.6.32-3+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:55", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9630.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9630 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064911", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064911", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9630.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9630 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Mon Sep 14 2009 Jeremy Hinegardner - 0.7.62-1\n- update to 0.7.62\n- fixes CVE-2009-2629\n* Sun Aug 2 2009 Jeremy Hinegardner - 0.7.61-1\n- update to new stable 0.7.61\n- remove third party module\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9630\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9630.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64911\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-9630 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523105\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.62~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.62~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:31", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9652.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9652 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64912", "href": "http://plugins.openvas.org/nasl.php?oid=64912", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9652.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9652 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Mon Sep 14 2009 Jeremy Hinegardner - 0.7.62-1\n- update to 0.7.62\n- fixes CVE-2009-2629\n* Sun Aug 2 2009 Jeremy Hinegardner - 0.7.61-1\n- update to new stable 0.7.61\n- remove third party module\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9652\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9652.\";\n\n\n\nif(description)\n{\n script_id(64912);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-9652 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523105\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.62~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.62~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:08", "description": "The remote host is missing an update to nginx\nannounced via advisory DSA 1884-1.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1884-1 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64869", "href": "http://plugins.openvas.org/nasl.php?oid=64869", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1884_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1884-1 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Chris Ries discovered that nginx, a high-performance HTTP server, reverse\nproxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when\nprocessing certain HTTP requests. An attacker can use this to execute\narbitrary code with the rights of the worker process (www-data on Debian)\nor possibly perform denial of service attacks by repeatedly crashing\nworker processes via a specially crafted URL in an HTTP request.\n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 0.4.13-2+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.6.32-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.7.61-3.\n\n\nWe recommend that you upgrade your nginx packages.\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory DSA 1884-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201884-1\";\n\n\nif(description)\n{\n script_id(64869);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1884-1 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.4.13-2+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.6.32-3+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:23", "description": "The ", "cvss3": {}, "published": "2009-10-01T00:00:00", "type": "openvas", "title": "nginx HTTP Request Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2019-02-26T00:00:00", "id": "OPENVAS:1361412562310100276", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100276", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nginx_36384.nasl 13859 2019-02-26 05:27:33Z ckuersteiner $\n#\n# nginx HTTP Request Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:nginx:nginx\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100276\");\n script_version(\"$Revision: 13859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-26 06:27:33 +0100 (Tue, 26 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-01 18:57:31 +0200 (Thu, 01 Oct 2009)\");\n script_bugtraq_id(36384);\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_name(\"nginx HTTP Request Remote Buffer Overflow Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/36384\");\n script_xref(name:\"URL\", value:\"http://nginx.net/CHANGES-0.5\");\n script_xref(name:\"URL\", value:\"http://nginx.net/CHANGES-0.6\");\n script_xref(name:\"URL\", value:\"http://nginx.net/CHANGES-0.7\");\n script_xref(name:\"URL\", value:\"http://nginx.net/CHANGES\");\n script_xref(name:\"URL\", value:\"http://nginx.net/\");\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/180065\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"nginx_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"nginx/installed\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"The 'nginx' program is prone to a buffer-overflow vulnerability\nbecause the application fails to perform adequate boundary checks on user-supplied data.\n\nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed\nexploit attempts will result in a denial-of-service condition.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_is_less(version: version, test_version:\"0.5.38\") ||\n version_in_range(version:version, test_version:\"0.6\", test_version2:\"0.6.38\") ||\n version_in_range(version:version, test_version:\"0.7\", test_version2:\"0.7.61\") ||\n version_in_range(version:version, test_version:\"0.8\", test_version2:\"0.8.14\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"See advisory\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:37:08", "description": "The remote host is missing updates announced in\nadvisory GLSA 200909-18.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200909-18 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064924", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064924", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer underflow vulnerability in the request URI processing of nginx\n might enable remote attackers to execute arbitrary code or cause a\nDenial\n of Service.\";\ntag_solution = \"All nginx 0.5.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.5.38\n\nAll nginx 0.6.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.6.39\n\nAll nginx 0.7.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-servers/nginx-0.7.62\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200909-18\nhttp://bugs.gentoo.org/show_bug.cgi?id=285162\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200909-18.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64924\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200909-18 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-servers/nginx\", unaffected: make_list(\"rge 0.5.38\", \"rge 0.6.39\", \"ge 0.7.62\"), vulnerable: make_list(\"lt 0.7.62\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:11", "description": "This host is running nginx and is prone to buffer-overflow vulnerability.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "openvas", "title": "nginx HTTP Request Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2019-02-26T00:00:00", "id": "OPENVAS:1361412562310801636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801636", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_nginx_http_request_bof_vuln.nasl 13859 2019-02-26 05:27:33Z ckuersteiner $\n#\n# nginx HTTP Request Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:nginx:nginx\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801636\");\n script_version(\"$Revision: 13859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-26 06:27:33 +0100 (Tue, 26 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-18 06:30:08 +0100 (Thu, 18 Nov 2010)\");\n script_cve_id(\"CVE-2009-2629\");\n script_bugtraq_id(36384);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_name(\"nginx HTTP Request Remote Buffer Overflow Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/180065\");\n script_xref(name:\"URL\", value:\"http://sysoev.ru/nginx/patch.180065.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"nginx_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"nginx/installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to execute arbitrary code\n within the context of the affected application. Failed exploit attempts will result in a denial-of-service\n condition.\");\n\n script_tag(name:\"affected\", value:\"nginx versions 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before\n 0.7.62 and 0.8.x before 0.8.15.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an error in 'src/http/ngx_http_parse.c' which\n allows remote attackers to execute arbitrary code via crafted HTTP requests.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to nginx versions 0.5.38, 0.6.39, 0.7.62 or 0.8.15\");\n\n script_tag(name:\"summary\", value:\"This host is running nginx and is prone to buffer-overflow vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! version = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif(version_in_range(version: version, test_version:\"0.1.0\", test_version2:\"0.5.37\") ||\n version_in_range(version: version, test_version:\"0.6.0\", test_version2:\"0.6.38\") ||\n version_in_range(version: version, test_version:\"0.7.0\", test_version2:\"0.7.61\")) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"0.5.37/0.6.38/0.7.61\" );\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:38:35", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9652.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9652 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064912", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064912", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9652.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9652 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Mon Sep 14 2009 Jeremy Hinegardner - 0.7.62-1\n- update to 0.7.62\n- fixes CVE-2009-2629\n* Sun Aug 2 2009 Jeremy Hinegardner - 0.7.61-1\n- update to new stable 0.7.61\n- remove third party module\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9652\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9652.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64912\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-9652 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523105\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.62~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.62~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:38", "description": "The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9630.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9630 (nginx)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64911", "href": "http://plugins.openvas.org/nasl.php?oid=64911", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9630.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9630 (nginx)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Mon Sep 14 2009 Jeremy Hinegardner - 0.7.62-1\n- update to 0.7.62\n- fixes CVE-2009-2629\n* Sun Aug 2 2009 Jeremy Hinegardner - 0.7.61-1\n- update to new stable 0.7.61\n- remove third party module\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nginx' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9630\";\ntag_summary = \"The remote host is missing an update to nginx\nannounced via advisory FEDORA-2009-9630.\";\n\n\n\nif(description)\n{\n script_id(64911);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-9630 (nginx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523105\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nginx\", rpm:\"nginx~0.7.62~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nginx-debuginfo\", rpm:\"nginx-debuginfo~0.7.62~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:36", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "FreeBSD Ports: nginx", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064894", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064894", "sourceData": "#\n#VID 152b27f0-a158-11de-990c-e5b1d4c882e0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 152b27f0-a158-11de-990c-e5b1d4c882e0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n nginx\n nginx-devel\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://nginx.net/CHANGES\nhttp://lists.debian.org/debian-security-announce/2009/msg00205.html\nhttp://www.vuxml.org/freebsd/152b27f0-a158-11de-990c-e5b1d4c882e0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64894\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: nginx\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"nginx\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.7.62\")<0) {\n txt += 'Package nginx version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"nginx-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.15\")<0) {\n txt += 'Package nginx-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:19", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "FreeBSD Ports: nginx", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2016-12-23T00:00:00", "id": "OPENVAS:64894", "href": "http://plugins.openvas.org/nasl.php?oid=64894", "sourceData": "#\n#VID 152b27f0-a158-11de-990c-e5b1d4c882e0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 152b27f0-a158-11de-990c-e5b1d4c882e0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n nginx\n nginx-devel\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://nginx.net/CHANGES\nhttp://lists.debian.org/debian-security-announce/2009/msg00205.html\nhttp://www.vuxml.org/freebsd/152b27f0-a158-11de-990c-e5b1d4c882e0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64894);\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2629\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: nginx\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"nginx\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.7.62\")<0) {\n txt += 'Package nginx version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"nginx-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.15\")<0) {\n txt += 'Package nginx-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:05", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-320-01 openssl ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66270", "href": "http://plugins.openvas.org/nasl.php?oid=66270", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_320_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\nand -current to fix a security issue.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-320-01\";\n \nif(description)\n{\n script_id(66270);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-320-01 openssl \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8i-i486-4_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8i-i486-4_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-i486-3_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8k-i486-3_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:18", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066279", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066279", "sourceData": "#\n#VID slesp2-openssl-6654\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66279\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES10: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:05:54", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-990-1", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl vulnerability USN-990-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310840505", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_990_1.nasl 8495 2018-01-23 07:57:49Z teissa $\n#\n# Ubuntu Update for openssl vulnerability USN-990-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds backported support\n for the new RFC5746 renegotiation extension and will use it when both the\n client and the server support it.\n\n ATTENTION: After applying this update, a patched server will allow both\n patched and unpatched clients to connect, but unpatched clients will not be\n able to renegotiate. For more information, please refer to the following:\n http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html\n http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-990-1\";\ntag_affected = \"openssl vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-990-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840505\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"990-1\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for openssl vulnerability USN-990-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:09", "description": "The remote host is missing an update to proftpd\nannounced via advisory FEDORA-2009-13250.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-13250 (proftpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066583", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066583", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_13250.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-13250 (proftpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details, please visit the referenced advisories.\n\nChangeLog:\n\n* Thu Dec 10 2009 Paul Howarth 1.3.2c-1\n- Update to 1.3.2c, addressing the following issues:\n- SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324)\n- Failed database transaction can cause mod_quotatab to loop (bug 3228)\n- Segfault in mod_wrap (bug 3332)\n- sections can have problems (bug 3337)\n- mod_wrap2 segfaults when a valid user retries the USER command (bug 3341)\n- mod_auth_file handles 'getgroups' request incorrectly (bug 3347)\n- Segfault caused by scrubbing zero-length portion of memory (bug 3350)\n- Drop upstreamed segfault patch\n* Thu Dec 10 2009 Paul Howarth 1.3.2b-3\n- Add patch for upstream bug 3350 - segfault on auth failures\n* Wed Dec 9 2009 Paul Howarth 1.3.2b-2\n- Reduce the mod_facts patch to the single commit addressing the issue with\ndirectory names with glob characters (#521634), avoiding introducing a\nfurther problem with (#544002)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update proftpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13250\";\ntag_summary = \"The remote host is missing an update to proftpd\nannounced via advisory FEDORA-2009-13250.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66583\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-13250 (proftpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-ldap\", rpm:\"proftpd-ldap~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-mysql\", rpm:\"proftpd-mysql~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-postgresql\", rpm:\"proftpd-postgresql~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-debuginfo\", rpm:\"proftpd-debuginfo~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:41", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libopenssl0_9_8\n openssl\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES11: Security update for libopenssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66285", "href": "http://plugins.openvas.org/nasl.php?oid=66285", "sourceData": "#\n#VID d0129289ed5f99e99f64649fe9227069\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libopenssl\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libopenssl0_9_8\n openssl\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=553641\");\n script_id(66285);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES11: Security update for libopenssl\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:40", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libopenssl0_9_8\n openssl\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES11: Security update for libopenssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066285", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066285", "sourceData": "#\n#VID d0129289ed5f99e99f64649fe9227069\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libopenssl\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libopenssl0_9_8\n openssl\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=553641\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66285\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES11: Security update for libopenssl\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~30.15.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:05", "description": "Check for the Version of gnutls", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for gnutls FEDORA-2010-9518", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:1361412562310862184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnutls FEDORA-2010-9518\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnutls on Fedora 13\";\ntag_insight = \"GnuTLS is a project that aims to develop a library which provides a secure\n layer, over a reliable transport layer. Currently the GnuTLS library implements\n the proposed standards by the IETF's TLS working group.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043275.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862184\");\n script_version(\"$Revision: 8228 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 08:29:52 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9518\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for gnutls FEDORA-2010-9518\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnutls\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.8.6~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:05:37", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2010-1127", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310861695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2010-1127\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 12\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034817.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861695\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1127\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for nss FEDORA-2010-1127\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.5~8.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:05:38", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-6", "cvss3": {}, "published": "2010-07-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss vulnerability USN-927-6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310840468", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_6.nasl 8495 2018-01-23 07:57:49Z teissa $\n#\n# Ubuntu Update for nss vulnerability USN-927-6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the\n corresponding updates for Ubuntu 9.04.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-6\";\ntag_affected = \"nss vulnerability on Ubuntu 9.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-6/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840468\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-6\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for nss vulnerability USN-927-6\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d-dbg\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-320-01 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231066270", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066270", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_320_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66270\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2009-320-01 openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-320-01\");\n\n script_tag(name:\"insight\", value:\"New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\nand -current to fix a security issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-4_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-4_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8i-i486-4_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8i-i486-4_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-i486-3_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8k-i486-3_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-02T21:09:51", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS10-049.", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "openvas", "title": "Remote Code Execution Vulnerabilities in SChannel (980436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-04-11T00:00:00", "id": "OPENVAS:900247", "href": "http://plugins.openvas.org/nasl.php?oid=900247", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms10-049.nasl 5934 2017-04-11 12:28:28Z antu123 $\n#\n# Remote Code Execution Vulnerabilities in SChannel (980436)\n#\n# Authors:\n# Veerendra G.G <veerendragg@secpod.com>\n#\n# Updated By: Madhuri D <dmadhuri@secpod.com> on 2010-09-12\n# - To detect file version 'SChannel.dll' on vista, win 2008 and win 7\n#\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Fioundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(900247);\n script_version(\"$Revision: 5934 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-11 14:28:28 +0200 (Tue, 11 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-11 15:08:29 +0200 (Wed, 11 Aug 2010)\");\n script_bugtraq_id(36935);\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Remote Code Execution Vulnerabilities in SChannel (980436)\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/54158\");\n script_xref(name : \"URL\" , value : \"http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name : \"impact\" , value : \"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the\n application protocol stream to execute HTTP transactions, bypass\n authentication.\n Impact Level: Application\");\n script_tag(name : \"affected\" , value : \"Micorsoft Windows 7\n Microsoft Windows XP Service Pack 3 and prior.\n Microsoft Windows 2K3 Service Pack 2 and prior.\n Microsoft Windows Vista Service Pack 1/2 and prior.\n Microsoft Windows Server 2008 Service Pack 1/2 and prior.\");\n script_tag(name : \"insight\" , value : \"A flaw exists in the Microsoft Windows SChannel (Secure Channel)\n authentication component when using certificate based authentication, which\n allows spoofing.\");\n script_tag(name : \"solution\" , value : \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx\");\n script_tag(name : \"summary\" , value : \"This host is missing a critical security update according to\n Microsoft Bulletin MS10-049.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:1, win2008:3) <= 0){\n exit(0);\n}\n\n## Check for Hotfix 980436 (MS10-049)\nif(hotfix_missing(name:\"980436\") == 0){\n exit(0);\n}\n\n## Get System32 path\nsysPath = smb_get_system32root();\nif(sysPath)\n{\n dllVer = fetch_file_version(sysPath, file_name:\"Schannel.dll\");\n if(!dllVer){\n exit(0);\n }\n}\n\n## Windows XP\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n ## Grep for Schannel.dll < 5.1.2600.6006\n if(version_is_less(version:dllVer, test_version:\"5.1.2600.6006\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Windows 2003\nif(hotfix_check_sp(win2003:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n ## Grep for Schannel.dll version < 5.2.3790.4724\n if(version_is_less(version:dllVer, test_version:\"5.2.3790.4724\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Get System32 path\nsysPath = smb_get_system32root();\nif(sysPath)\n{\n dllVer = fetch_file_version(sysPath, file_name:\"Schannel.dll\");\n if(!dllVer){\n exit(0);\n }\n}\n\n# Windows Vista\nif(hotfix_check_sp(winVista:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(\"Service Pack 1\" >< SP)\n {\n # Grep for Schannel.dll version < 6.0.6001.18490\n if(version_is_less(version:dllVer, test_version:\"6.0.6001.18490\")){\n security_message(0);\n }\n exit(0);\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n # Grep for Schannel.dll version < 6.0.6002.18269\n if(version_is_less(version:dllVer, test_version:\"6.0.6002.18269\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n# Windows Server 2008\nelse if(hotfix_check_sp(win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n if(\"Service Pack 1\" >< SP)\n {\n # Grep for Schannel.dll version < 6.0.6001.18490\n if(version_is_less(version:dllVer, test_version:\"6.0.6001.18490\")){\n security_message(0);\n }\n exit(0);\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n # Grep for Schannel.dll version < 6.0.6002.18269\n if(version_is_less(version:dllVer, test_version:\"6.0.6002.18269\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n# Windows 7\nelse if(hotfix_check_sp(win7:1) > 0)\n{\n # Grep for Schannel.dll version < 6.1.7600.16612\n if(version_is_less(version:dllVer, test_version:\"6.1.7600.16612\")){\n security_message(0);\n }\n}\n\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:38", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-4", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss vulnerability USN-927-4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310840455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_4.nasl 8246 2017-12-26 07:29:20Z teissa $\n#\n# Ubuntu Update for nss vulnerability USN-927-4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides\n the corresponding updates for Ubuntu 8.04 LTS.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-4\";\ntag_affected = \"nss vulnerability on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-4/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840455\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-4\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for nss vulnerability USN-927-4\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d-dbg\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:53:43", "description": "Check for the Version of mandriva-release", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310830893", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830893", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The new mandriva-release packages adds extended maintenance access\n support.\n\n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\";\n\ntag_affected = \"mandriva-release on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-02/msg00030.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830893\");\n script_version(\"$Revision: 8314 $\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:069\");\n script_name(\"Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mandriva-release\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-common\", rpm:\"mandriva-release-common~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Flash\", rpm:\"mandriva-release-Flash~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Free\", rpm:\"mandriva-release-Free~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-One\", rpm:\"mandriva-release-One~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Powerpack\", rpm:\"mandriva-release-Powerpack~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release\", rpm:\"mandriva-release~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:30", "description": "Oracle Linux Local Security Checks ELSA-2010-0164", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0164", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122382", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122382", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0164.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122382\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:17:53 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0164\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0164 - openssl097a security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0164\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0164.html\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl097a\", rpm:\"openssl097a~0.9.7a~9.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:36", "description": "Check for the Version of nspr", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2010:0165 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880611", "href": "http://plugins.openvas.org/nasl.php?oid=880611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2010:0165 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n \n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n Users of Red Hat Certificate System 7.3 and 8.0 should review the following\n Knowledgebase article before installing this update:\n http://kbase.redhat.com/faq/docs/DOC-28439\n \n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"nspr on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016602.html\");\n script_id(880611);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0165\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for nspr CESA-2010:0165 centos5 i386\");\n\n script_summary(\"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.el5_4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.el5_4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:50", "description": "The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12229.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12229 (tomcat-native)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66563", "href": "http://plugins.openvas.org/nasl.php?oid=66563", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12229.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12229 (tomcat-native)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l=tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat-user&m=125874793614950&w=2\n\nChangeLog:\n\n* Tue Nov 24 2009 Ville Skytt\u00e4 - 1.1.18-1\n- Update to 1.1.18 (security; CVE-2009-3555).\n* Wed Nov 4 2009 Ville Skytt\u00e4 - 1.1.17-1\n- Update to 1.1.17 (#532931).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat-native' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12229\";\ntag_summary = \"The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12229.\";\n\n\n\nif(description)\n{\n script_id(66563);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12229 (tomcat-native)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat-native\", rpm:\"tomcat-native~1.1.18~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat-native-debuginfo\", rpm:\"tomcat-native-debuginfo~1.1.18~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:32", "description": "The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12229.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12229 (tomcat-native)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066563", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066563", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12229.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12229 (tomcat-native)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l=tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat-user&m=125874793614950&w=2\n\nChangeLog:\n\n* Tue Nov 24 2009 Ville Skytt\u00e4 - 1.1.18-1\n- Update to 1.1.18 (security; CVE-2009-3555).\n* Wed Nov 4 2009 Ville Skytt\u00e4 - 1.1.17-1\n- Update to 1.1.17 (#532931).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat-native' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12229\";\ntag_summary = \"The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12229.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66563\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12229 (tomcat-native)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat-native\", rpm:\"tomcat-native~1.1.18~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat-native-debuginfo\", rpm:\"tomcat-native-debuginfo~1.1.18~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:18:05", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-4", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss vulnerability USN-927-4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840455", "href": "http://plugins.openvas.org/nasl.php?oid=840455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_4.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for nss vulnerability USN-927-4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides\n the corresponding updates for Ubuntu 8.04 LTS.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-4\";\ntag_affected = \"nss vulnerability on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-4/\");\n script_id(840455);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-4\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for nss vulnerability USN-927-4\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d-dbg\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"3.12.6-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:12", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n compat-openssl097g\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066278", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066278", "sourceData": "#\n#VID slesp2-compat-openssl097g-6656\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n compat-openssl097g\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66278\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES10: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~13.19.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062661 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "SLES9: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66310", "href": "http://plugins.openvas.org/nasl.php?oid=66310", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5062661.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062661 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(66310);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES9: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7d~15.41\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:43", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:057.", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:057 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066302", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066302", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_057.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:057 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate already sent data to a renegotiated connection.\nThis allowed man-in-the-middle attackers to inject HTTP requests in a\nHTTPS session without being noticed.\nFor example Apache's mod_ssl was vulnerable to this kind of attack because\nit uses openssl.\n\nIt is believed that this vulnerability is actively exploited in the wild to\nget access to HTTPS protected web-sites.\n\nPlease note that renegotiation will be disabled for any application using\nopenssl by this update and may cause problems in some cases.\nAdditionally this attack is not limited to HTTP.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:057\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:057.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66302\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:057 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8h~28.2.1\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8h~25.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-64bit\", rpm:\"compat-openssl097g-debuginfo-64bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-64bit\", rpm:\"compat-openssl097g-64bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-64bit\", rpm:\"libopenssl0_9_8-64bit~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-64bit\", rpm:\"compat-openssl097g-64bit~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-64bit\", rpm:\"libopenssl0_9_8-64bit~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-32bit\", rpm:\"compat-openssl097g-debuginfo-32bit~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-32bit\", rpm:\"compat-openssl097g-debuginfo-32bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:57:54", "description": "Check for the Version of mandriva-release", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:830893", "href": "http://plugins.openvas.org/nasl.php?oid=830893", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The new mandriva-release packages adds extended maintenance access\n support.\n\n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\";\n\ntag_affected = \"mandriva-release on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-02/msg00030.php\");\n script_id(830893);\n script_version(\"$Revision: 8153 $\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:069\");\n script_name(\"Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mandriva-release\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-common\", rpm:\"mandriva-release-common~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Flash\", rpm:\"mandriva-release-Flash~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Free\", rpm:\"mandriva-release-Free~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-One\", rpm:\"mandriva-release-One~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release-Powerpack\", rpm:\"mandriva-release-Powerpack~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mandriva-release\", rpm:\"mandriva-release~2008.0~7.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for openssl097a CESA-2010:0164 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl097a CESA-2010:0164 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.880612\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0164\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for openssl097a CESA-2010:0164 centos5 i386\");\n\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-March/016596.html\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-20491\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl097a'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"openssl097a on CentOS 5\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n\n Refer to the linked Knowledgebase article for additional details about\n this flaw.\n\n All openssl097a users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all services linked to the openssl097a library must be restarted,\n or the system rebooted.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl097a\", rpm:\"openssl097a~0.9.7a~9.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2018-01-19T15:04:46", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "RedHat Update for nss RHSA-2010:0165-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310870238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870238", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2010:0165-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n \n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491 \n \n Users of Red Hat Certificate System 7.3 and 8.0 should review the following\n Knowledgebase article before installing this update:\n http://kbase.redhat.com/faq/docs/DOC-28439\n \n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\";\n\ntag_affected = \"nss on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00023.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870238\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0165-01\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"RedHat Update for nss RHSA-2010:0165-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:58", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for nss MDVSA-2010:069 (nss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:830970", "href": "http://plugins.openvas.org/nasl.php?oid=830970", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for nss MDVSA-2010:069 (nss)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in nss:\n\n The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as\n used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl\n in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,\n GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, and other products, does not properly associate\n renegotiation handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS sessions,\n and possibly other types of sessions protected by TLS or SSL, by\n sending an unauthenticated request that is processed retroactively\n by a server in a post-renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue (CVE-2009-3555).\n \n Additionally the NSPR package has been upgraded to 4.8.4 that brings\n numerous upstream fixes.\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n This update provides the latest versions of NSS and NSPR libraries\n and for which NSS is not vulnerable to this attack.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"nss on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00000.php\");\n script_id(830970);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:069\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Mandriva Update for nss MDVSA-2010:069 (nss)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:22", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:057.", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:057 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66302", "href": "http://plugins.openvas.org/nasl.php?oid=66302", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_057.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:057 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate already sent data to a renegotiated connection.\nThis allowed man-in-the-middle attackers to inject HTTP requests in a\nHTTPS session without being noticed.\nFor example Apache's mod_ssl was vulnerable to this kind of attack because\nit uses openssl.\n\nIt is believed that this vulnerability is actively exploited in the wild to\nget access to HTTPS protected web-sites.\n\nPlease note that renegotiation will be disabled for any application using\nopenssl by this update and may cause problems in some cases.\nAdditionally this attack is not limited to HTTP.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:057\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:057.\";\n\n \n\nif(description)\n{\n script_id(66302);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:057 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo\", rpm:\"compat-openssl097g-debuginfo~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debugsource\", rpm:\"compat-openssl097g-debugsource~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8h~28.2.1\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8h~25.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-64bit\", rpm:\"compat-openssl097g-debuginfo-64bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-64bit\", rpm:\"compat-openssl097g-64bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-64bit\", rpm:\"libopenssl0_9_8-64bit~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-64bit\", rpm:\"compat-openssl097g-64bit~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-64bit\", rpm:\"libopenssl0_9_8-64bit~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-32bit\", rpm:\"compat-openssl097g-debuginfo-32bit~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~149.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8k~3.5.3\", rls:\"openSUSE11.2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-debuginfo-32bit\", rpm:\"compat-openssl097g-debuginfo-32bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~146.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8h~28.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~119.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8g~47.10\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:17:59", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-6", "cvss3": {}, "published": "2010-07-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss vulnerability USN-927-6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840468", "href": "http://plugins.openvas.org/nasl.php?oid=840468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_6.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for nss vulnerability USN-927-6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the\n corresponding updates for Ubuntu 9.04.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-6\";\ntag_affected = \"nss vulnerability on Ubuntu 9.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-6/\");\n script_id(840468);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-6\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for nss vulnerability USN-927-6\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d-dbg\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"3.12.6-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:56", "description": "Check for the Version of openssl097a", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for openssl097a CESA-2010:0164 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880612", "href": "http://plugins.openvas.org/nasl.php?oid=880612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl097a CESA-2010:0164 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n All openssl097a users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all services linked to the openssl097a library must be restarted,\n or the system rebooted.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl097a on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016596.html\");\n script_id(880612);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0164\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for openssl097a CESA-2010:0164 centos5 i386\");\n\n script_summary(\"Check for the Version of openssl097a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl097a\", rpm:\"openssl097a~0.9.7a~9.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:11", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2010-1127", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:861695", "href": "http://plugins.openvas.org/nasl.php?oid=861695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2010-1127\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 12\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034817.html\");\n script_id(861695);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1127\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for nss FEDORA-2010-1127\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.5~8.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:01", "description": "Oracle Linux Local Security Checks ELSA-2010-0165", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0165", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122383", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122383", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0165.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122383\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:17:54 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0165\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0165 - nss security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0165\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0165.html\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.6~1.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2018-01-18T11:05:22", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-1", "cvss3": {}, "published": "2010-04-16T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss vulnerability USN-927-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310840416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840416", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_1.nasl 8447 2018-01-17 16:12:19Z teissa $\n#\n# Ubuntu Update for nss vulnerability USN-927-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-1\";\ntag_affected = \"nss vulnerability on Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840416\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-16 17:02:11 +0200 (Fri, 16 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-1\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for nss vulnerability USN-927-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d-dbg\", ver:\"3.12.6-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"3.12.6-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"3.12.6-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"3.12.6-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"3.12.6-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:22", "description": "Check for the Version of gnutls", "cvss3": {}, "published": "2010-06-28T00:00:00", "type": "openvas", "title": "Fedora Update for gnutls FEDORA-2010-9487", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862207", "href": "http://plugins.openvas.org/nasl.php?oid=862207", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnutls FEDORA-2010-9487\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnutls on Fedora 12\";\ntag_insight = \"GnuTLS is a project that aims to develop a library which provides a secure\n layer, over a reliable transport layer. Currently the GnuTLS library implements\n the proposed standards by the IETF's TLS working group.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043445.html\");\n script_id(862207);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-28 09:16:14 +0200 (Mon, 28 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9487\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for gnutls FEDORA-2010-9487\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnutls\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.8.6~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "The remote host is missing an update to proftpd\nannounced via advisory FEDORA-2009-13250.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-13250 (proftpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66583", "href": "http://plugins.openvas.org/nasl.php?oid=66583", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_13250.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-13250 (proftpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details, please visit the referenced advisories.\n\nChangeLog:\n\n* Thu Dec 10 2009 Paul Howarth 1.3.2c-1\n- Update to 1.3.2c, addressing the following issues:\n- SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324)\n- Failed database transaction can cause mod_quotatab to loop (bug 3228)\n- Segfault in mod_wrap (bug 3332)\n- sections can have problems (bug 3337)\n- mod_wrap2 segfaults when a valid user retries the USER command (bug 3341)\n- mod_auth_file handles 'getgroups' request incorrectly (bug 3347)\n- Segfault caused by scrubbing zero-length portion of memory (bug 3350)\n- Drop upstreamed segfault patch\n* Thu Dec 10 2009 Paul Howarth 1.3.2b-3\n- Add patch for upstream bug 3350 - segfault on auth failures\n* Wed Dec 9 2009 Paul Howarth 1.3.2b-2\n- Reduce the mod_facts patch to the single commit addressing the issue with\ndirectory names with glob characters (#521634), avoiding introducing a\nfurther problem with (#544002)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update proftpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13250\";\ntag_summary = \"The remote host is missing an update to proftpd\nannounced via advisory FEDORA-2009-13250.\";\n\n\n\nif(description)\n{\n script_id(66583);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-13250 (proftpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-ldap\", rpm:\"proftpd-ldap~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-mysql\", rpm:\"proftpd-mysql~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-postgresql\", rpm:\"proftpd-postgresql~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"proftpd-debuginfo\", rpm:\"proftpd-debuginfo~1.3.2c~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n compat-openssl097g\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66278", "href": "http://plugins.openvas.org/nasl.php?oid=66278", "sourceData": "#\n#VID slesp2-compat-openssl097g-6656\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n compat-openssl097g\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66278);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES10: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~13.19.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:17:51", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-990-2", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 vulnerability USN-990-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840504", "href": "http://plugins.openvas.org/nasl.php?oid=840504", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_990_2.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for apache2 vulnerability USN-990-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-860-1 introduced a partial workaround to Apache that disabled client\n initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1\n introduced the new RFC5746 renegotiation extension in openssl, and\n completely resolves the issue.\n\n After updating openssl, an Apache server will allow both patched and\n unpatched web browsers to connect, but unpatched browsers will not be able\n to renegotiate. This update introduces the new SSLInsecureRenegotiation\n directive for Apache that may be used to re-enable insecure renegotiations\n with unpatched web browsers. For more information, please refer to:\n http://httpd.apache.org/docs/2.2/mod/mod_ssl.html\n http://httpd.apache.org/docs/2.2/mod/mod_ssl.html\n \n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds backported support\n for the new RFC5746 renegotiation extension and will use it when both the\n client and the server support it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-990-2\";\ntag_affected = \"apache2 vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-990-2/\");\n script_id(840504);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"990-2\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for apache2 vulnerability USN-990-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:09:59", "description": "This host installed with TLS/SSL protocol which is prone to Spoofing\n Vulnerability", "cvss3": {}, "published": "2010-02-11T00:00:00", "type": "openvas", "title": "Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:800466", "href": "http://plugins.openvas.org/nasl.php?oid=800466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ms_tls_ssl_spoofing_vuln.nasl 5364 2017-02-20 13:26:07Z cfi $\n#\n# Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to prepend content into a\n legitimate, client-initiated request to a server in the context of a valid\n TLS/SSL-authenticated session.\n Impact Level: System\";\ntag_affected = \"Microsoft Windows XP Service Pack 3 and prior\n Microsoft Windows 2000 Service Pack 4 and prior\n Microsoft Windows 2003 Service Pack 2 and prior\";\ntag_insight = \"The flaw is due to an error in TLS/SSL, allows a malicious man-in-the-middle\n attack to introduce and execute a request in the protected TLS/SSL session\n between a client and a server.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://www.microsoft.com/technet/security/advisory/977377.mspx\";\ntag_summary = \"This host installed with TLS/SSL protocol which is prone to Spoofing\n Vulnerability\";\n\nif(description)\n{\n script_id(800466);\n script_version(\"$Revision: 5364 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 14:26:07 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-11 16:37:59 +0100 (Thu, 11 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_name(\"Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/977377\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/0349\");\n script_xref(name : \"URL\" , value : \"http://www.microsoft.com/technet/security/advisory/977377.mspx\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Windows\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){\n exit(0);\n}\n\n# Check for Hotfix Missing 977377\nif(hotfix_missing(name:\"977377\") == 0){\n exit(0);\n}\n\nsysPath = registry_get_sz(key:\"SOFTWARE\\Microsoft\\COM3\\Setup\",\n item:\"Install Path\");\nif(!sysPath){\n exit(0);\n}\n\nshare = ereg_replace(pattern:\"([A-Z]):.*\", replace:\"\\1$\", string:sysPath);\nfile = ereg_replace(pattern:\"[A-Z]:(.*)\", replace:\"\\1\",\n string:sysPath + \"\\Schannel.dll\");\n\nsysVer = GetVer(file:file, share:share);\nif(!sysVer){\n exit(0);\n}\n\n# Windows 2K\nif(hotfix_check_sp(win2k:5) > 0)\n{\n # Grep for Schannel.dll version < 5.1.2195.7371\n if(version_is_less(version:sysVer, test_version:\"5.1.2195.7371\")){\n security_message(0);\n }\n}\n\n# Windows XP\nelse if(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n # Grep for Schannel.dll < 5.1.2600.3664\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.3664\")){\n security_message(0);\n }\n exit(0);\n }\n else if(\"Service Pack 3\" >< SP)\n {\n # Grep for Schannel.dll < 5.1.2600.5931\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.5931\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n# Windows 2003\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n # Grep for Schannel.dll version < 5.2.3790.4657\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4657\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:21", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-990-2", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 vulnerability USN-990-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310840504", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840504", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_990_2.nasl 8246 2017-12-26 07:29:20Z teissa $\n#\n# Ubuntu Update for apache2 vulnerability USN-990-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-860-1 introduced a partial workaround to Apache that disabled client\n initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1\n introduced the new RFC5746 renegotiation extension in openssl, and\n completely resolves the issue.\n\n After updating openssl, an Apache server will allow both patched and\n unpatched web browsers to connect, but unpatched browsers will not be able\n to renegotiate. This update introduces the new SSLInsecureRenegotiation\n directive for Apache that may be used to re-enable insecure renegotiations\n with unpatched web browsers. For more information, please refer to:\n http://httpd.apache.org/docs/2.2/mod/mod_ssl.html\n http://httpd.apache.org/docs/2.2/mod/mod_ssl.html\n \n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds backported support\n for the new RFC5746 renegotiation extension and will use it when both the\n client and the server support it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-990-2\";\ntag_affected = \"apache2 vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-990-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840504\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"990-2\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for apache2 vulnerability USN-990-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.12-1ubuntu2.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.14-5ubuntu8.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.11-2ubuntu2.7\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.8-1ubuntu0.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:26", "description": "Check for the Version of gnutls", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for gnutls FEDORA-2010-9518", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862184", "href": "http://plugins.openvas.org/nasl.php?oid=862184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnutls FEDORA-2010-9518\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnutls on Fedora 13\";\ntag_insight = \"GnuTLS is a project that aims to develop a library which provides a secure\n layer, over a reliable transport layer. Currently the GnuTLS library implements\n the proposed standards by the IETF's TLS working group.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043275.html\");\n script_id(862184);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9518\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for gnutls FEDORA-2010-9518\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnutls\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.8.6~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:34", "description": "Check for the Version of openssl097a", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "RedHat Update for openssl097a RHSA-2010:0164-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310870236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870236", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl097a RHSA-2010:0164-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n All openssl097a users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all services linked to the openssl097a library must be restarted,\n or the system rebooted.\";\n\ntag_affected = \"openssl097a on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00022.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870236\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0164-01\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"RedHat Update for openssl097a RHSA-2010:0164-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl097a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl097a\", rpm:\"openssl097a~0.9.7a~9.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl097a-debuginfo\", rpm:\"openssl097a-debuginfo~0.9.7a~9.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:17:56", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-5", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for nspr update USN-927-5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840453", "href": "http://plugins.openvas.org/nasl.php?oid=840453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_5.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for nspr update USN-927-5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR\n needed to use the new NSS.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-5\";\ntag_affected = \"nspr update on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-5/\");\n script_id(840453);\n script_cve_id(\"CVE-2009-3555\");\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-5\");\n script_name(\"Ubuntu Update for nspr update USN-927-5\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-0d-dbg\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-0d\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:33:22", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2010-3905", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:861798", "href": "http://plugins.openvas.org/nasl.php?oid=861798", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2010-3905\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 11\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037711.html\");\n script_id(861798);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-3905\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for nss FEDORA-2010-3905\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:08", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS10-049.", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "openvas", "title": "Remote Code Execution Vulnerabilities in SChannel (980436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310900247", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900247", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Remote Code Execution Vulnerabilities in SChannel (980436)\n#\n# Authors:\n# Veerendra G.G <veerendragg@secpod.com>\n#\n# Updated By: Madhuri D <dmadhuri@secpod.com> on 2010-09-12\n# - To detect file version 'SChannel.dll' on vista, win 2008 and win 7\n#\n# Copyright (C) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Fioundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900247\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-08-11 15:08:29 +0200 (Wed, 11 Aug 2010)\");\n script_bugtraq_id(36935);\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Remote Code Execution Vulnerabilities in SChannel (980436)\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/54158\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/registry_enumerated\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the\n application protocol stream to execute HTTP transactions, bypass\n authentication.\");\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7\n\n - Microsoft Windows XP Service Pack 3 and prior\n\n - Microsoft Windows 2K3 Service Pack 2 and prior\n\n - Microsoft Windows Vista Service Pack 1/2 and prior\n\n - Microsoft Windows Server 2008 Service Pack 1/2 and prior\");\n script_tag(name:\"insight\", value:\"A flaw exists in the Microsoft Windows SChannel (Secure Channel)\n authentication component when using certificate based authentication, which\n allows spoofing.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to\n Microsoft Bulletin MS10-049.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:1, win2008:3) <= 0){\n exit(0);\n}\n\nif(hotfix_missing(name:\"980436\") == 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(sysPath)\n{\n dllVer = fetch_file_version(sysPath:sysPath, file_name:\"Schannel.dll\");\n if(!dllVer){\n exit(0);\n }\n}\n\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"5.1.2600.6006\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"5.1.2600.6006\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nif(hotfix_check_sp(win2003:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"5.2.3790.4724\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"5.2.3790.4724\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nsysPath = smb_get_system32root();\nif(sysPath)\n{\n dllVer = fetch_file_version(sysPath:sysPath, file_name:\"Schannel.dll\");\n if(!dllVer){\n exit(0);\n }\n}\n\nif(hotfix_check_sp(winVista:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(\"Service Pack 1\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"6.0.6001.18490\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"6.0.6001.18490\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"6.0.6002.18269\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"6.0.6002.18269\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n if(\"Service Pack 1\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"6.0.6001.18490\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"6.0.6001.18490\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:dllVer, test_version:\"6.0.6002.18269\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"6.0.6002.18269\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(win7:1) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"6.1.7600.16612\")){\n report = report_fixed_ver(installed_version:dllVer, fixed_version:\"6.1.7600.16612\", install_path:sysPath);\n security_message(port: 0, data: report);\n }\n}\n\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-04-27T19:23:06", "description": "This host installed with TLS/SSL protocol which is prone to Spoofing\n Vulnerability", "cvss3": {}, "published": "2010-02-11T00:00:00", "type": "openvas", "title": "Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310800466", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800466\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-02-11 16:37:59 +0100 (Thu, 11 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_name(\"Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/977377\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/0349\");\n script_xref(name:\"URL\", value:\"http://www.microsoft.com/technet/security/advisory/977377.mspx\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Windows\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/registry_enumerated\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to prepend content into a\n legitimate, client-initiated request to a server in the context of a valid\n TLS/SSL-authenticated session.\");\n script_tag(name:\"affected\", value:\"- Microsoft Windows XP Service Pack 3 and prior\n\n - Microsoft Windows 2000 Service Pack 4 and prior\n\n - Microsoft Windows 2003 Service Pack 2 and prior\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in TLS/SSL, allows a malicious man-in-the-middle\n attack to introduce and execute a request in the protected TLS/SSL session\n between a client and a server.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"This host installed with TLS/SSL protocol which is prone to Spoofing\n Vulnerability\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){\n exit(0);\n}\n\nif(hotfix_missing(name:\"977377\") == 0){\n exit(0);\n}\n\nsysPath = registry_get_sz(key:\"SOFTWARE\\Microsoft\\COM3\\Setup\",\n item:\"Install Path\");\nif(!sysPath){\n exit(0);\n}\n\nshare = ereg_replace(pattern:\"([A-Z]):.*\", replace:\"\\1$\", string:sysPath);\nfile = ereg_replace(pattern:\"[A-Z]:(.*)\", replace:\"\\1\",\n string:sysPath + \"\\Schannel.dll\");\n\nsysVer = GetVer(file:file, share:share);\nif(!sysVer){\n exit(0);\n}\n\nif(hotfix_check_sp(win2k:5) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"5.1.2195.7371\")){\n report = report_fixed_ver(installed_version:sysVer, fixed_version:\"5.1.2195.7371\");\n security_message(port: 0, data: report);\n }\n}\n\nelse if(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.3664\")){\n report = report_fixed_ver(installed_version:sysVer, fixed_version:\"5.1.2600.3664\");\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n else if(\"Service Pack 3\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.5931\")){\n report = report_fixed_ver(installed_version:sysVer, fixed_version:\"5.1.2600.5931\");\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4657\")){\n report = report_fixed_ver(installed_version:sysVer, fixed_version:\"5.2.3790.4657\");\n security_message(port: 0, data: report);\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:58", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2016-12-28T00:00:00", "id": "OPENVAS:66353", "href": "http://plugins.openvas.org/nasl.php?oid=66353", "sourceData": "#\n#ADV FreeBSD-SA-09:15.ssl.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from ADV FreeBSD-SA-09:15.ssl.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_insight = \"The SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols\nprovide a secure communications layer over which other protocols can be\nutilized. The most widespread use of SSL/TLS is to add security to the\nHTTP protocol, thus producing HTTPS.\n\nFreeBSD includes software from the OpenSSL Project which implements SSL\nand TLS.\n\nThe SSL version 3 and TLS protocols support session renegotiation without\ncryptographically tying the new session parameters to the old parameters.\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:15.ssl.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc\";\n\n\nif(description)\n{\n script_id(66353);\n script_version(\"$Revision: 4865 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-28 17:16:43 +0100 (Wed, 28 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"8.0\", patchlevel:\"1\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.2\", patchlevel:\"5\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.1\", patchlevel:\"9\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.4\", patchlevel:\"8\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.3\", patchlevel:\"14\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:53", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66279", "href": "http://plugins.openvas.org/nasl.php?oid=66279", "sourceData": "#\n#VID slesp2-openssl-6654\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66279);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES10: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8a~18.39.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:51", "description": "The remote host is missing an update to nss-util\nannounced via advisory FEDORA-2009-12968.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12968 (nss-util)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066497", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066497", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12968.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12968 (nss-util)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 3.12.5 This update fixes the following security flaw:\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nChangeLog:\n\n* Thu Dec 3 2009 Elio Maldonado - 3.12.5-1.1\n- Update to 3.12.5\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nss-util' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12968\";\ntag_summary = \"The remote host is missing an update to nss-util\nannounced via advisory FEDORA-2009-12968.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66497\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12968 (nss-util)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-15T11:58:20", "description": "Check for the Version of nspr", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2010:0165 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:880382", "href": "http://plugins.openvas.org/nasl.php?oid=880382", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2010:0165 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n \n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n Users of Red Hat Certificate System 7.3 and 8.0 should review the following\n Knowledgebase article before installing this update:\n http://kbase.redhat.com/faq/docs/DOC-28439\n \n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\";\n\ntag_affected = \"nspr on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016607.html\");\n script_id(880382);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0165\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for nspr CESA-2010:0165 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2010:0165 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880611", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2010:0165 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.880611\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0165\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for nspr CESA-2010:0165 centos5 i386\");\n\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-March/016602.html\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-20491\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-28439\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"nspr on CentOS 5\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n\n Refer to the referenced Knowledgebase article for additional details about\n this flaw.\n\n Users of Red Hat Certificate System 7.3 and 8.0 should review the referenced\n Knowledgebase article before installing this update.\n\n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.el5_4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.el5_4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2018-01-02T10:54:51", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for nss MDVSA-2010:069 (nss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:1361412562310830970", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830970", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for nss MDVSA-2010:069 (nss)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in nss:\n\n The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as\n used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl\n in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,\n GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, and other products, does not properly associate\n renegotiation handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS sessions,\n and possibly other types of sessions protected by TLS or SSL, by\n sending an unauthenticated request that is processed retroactively\n by a server in a post-renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue (CVE-2009-3555).\n \n Additionally the NSPR package has been upgraded to 4.8.4 that brings\n numerous upstream fixes.\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n This update provides the latest versions of NSS and NSPR libraries\n and for which NSS is not vulnerable to this attack.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"nss on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830970\");\n script_version(\"$Revision: 8266 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 08:28:32 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:069\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Mandriva Update for nss MDVSA-2010:069 (nss)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.8.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:23", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066353", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066353", "sourceData": "#\n#ADV FreeBSD-SA-09:15.ssl.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from ADV FreeBSD-SA-09:15.ssl.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_insight = \"The SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols\nprovide a secure communications layer over which other protocols can be\nutilized. The most widespread use of SSL/TLS is to add security to the\nHTTP protocol, thus producing HTTPS.\n\nFreeBSD includes software from the OpenSSL Project which implements SSL\nand TLS.\n\nThe SSL version 3 and TLS protocols support session renegotiation without\ncryptographically tying the new session parameters to the old parameters.\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:15.ssl.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66353\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"8.0\", patchlevel:\"1\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.2\", patchlevel:\"5\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.1\", patchlevel:\"9\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.4\", patchlevel:\"8\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.3\", patchlevel:\"14\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:13", "description": "The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12305.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-12305 (tomcat-native)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66562", "href": "http://plugins.openvas.org/nasl.php?oid=66562", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12305.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12305 (tomcat-native)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l=tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat-user&m=125874793614950&w=2\n\nChangeLog:\n\n* Tue Nov 24 2009 Ville Skytt\u00e4 - 1.1.18-1\n- Update to 1.1.18 (security; CVE-2009-3555).\n* Wed Nov 4 2009 Ville Skytt\u00e4 - 1.1.17-1\n- Update to 1.1.17 (#532931).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat-native' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12305\";\ntag_summary = \"The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12305.\";\n\n\n\nif(description)\n{\n script_id(66562);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12305 (tomcat-native)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat-native\", rpm:\"tomcat-native~1.1.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat-native-debuginfo\", rpm:\"tomcat-native-debuginfo~1.1.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:27", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-927-5", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for nspr update USN-927-5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:1361412562310840453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_927_5.nasl 8228 2017-12-22 07:29:52Z teissa $\n#\n# Ubuntu Update for nspr update USN-927-5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR\n needed to use the new NSS.\n\n Original advisory details:\n \n Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds support for the new\n new renegotiation extension and will use it when the server supports it.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-927-5\";\ntag_affected = \"nspr update on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-927-5/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840453\");\n script_cve_id(\"CVE-2009-3555\");\n script_version(\"$Revision: 8228 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 08:29:52 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"927-5\");\n script_name(\"Ubuntu Update for nspr update USN-927-5\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-0d-dbg\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-0d\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"4.8-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:42", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "RedHat Update for nss RHSA-2010:0165-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:870238", "href": "http://plugins.openvas.org/nasl.php?oid=870238", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2010:0165-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n \n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491 \n \n Users of Red Hat Certificate System 7.3 and 8.0 should review the following\n Knowledgebase article before installing this update:\n http://kbase.redhat.com/faq/docs/DOC-28439\n \n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\";\n\ntag_affected = \"nss on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00023.html\");\n script_id(870238);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0165-01\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"RedHat Update for nss RHSA-2010:0165-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el5_4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el4_8\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:45", "description": "The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12305.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-12305 (tomcat-native)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066562", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066562", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12305.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12305 (tomcat-native)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l=tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat-user&m=125874793614950&w=2\n\nChangeLog:\n\n* Tue Nov 24 2009 Ville Skytt\u00e4 - 1.1.18-1\n- Update to 1.1.18 (security; CVE-2009-3555).\n* Wed Nov 4 2009 Ville Skytt\u00e4 - 1.1.17-1\n- Update to 1.1.17 (#532931).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update tomcat-native' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12305\";\ntag_summary = \"The remote host is missing an update to tomcat-native\nannounced via advisory FEDORA-2009-12305.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66562\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12305 (tomcat-native)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat-native\", rpm:\"tomcat-native~1.1.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat-native-debuginfo\", rpm:\"tomcat-native-debuginfo~1.1.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:11", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062661 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "SLES9: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066310", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066310", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5062661.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl\n openssl-devel\n openssl-doc\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062661 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66310\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"SLES9: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7d~15.41\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:05:18", "description": "Check for the Version of nspr", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2010:0165 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:1361412562310880382", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880382", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2010:0165 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to support\n the cross-platform development of security-enabled client and server\n applications. Applications built with NSS can support SSLv2, SSLv3, TLS,\n and other security standards.\n\n Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\n operating system facilities. These facilities include threads, thread\n synchronization, normal file and network I/O, interval timing, calendar\n time, basic memory management (malloc and free), and shared library\n linking.\n \n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n Users of Red Hat Certificate System 7.3 and 8.0 should review the following\n Knowledgebase article before installing this update:\n http://kbase.redhat.com/faq/docs/DOC-28439\n \n All users of NSS are advised to upgrade to these updated packages, which\n update NSS to version 3.12.6. This erratum also updates the NSPR packages\n to the version required by NSS 3.12.6. All running applications using the\n NSS library must be restarted for this update to take effect.\";\n\ntag_affected = \"nspr on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016607.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880382\");\n script_version(\"$Revision: 8274 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 08:28:17 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0165\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"CentOS Update for nspr CESA-2010:0165 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.4~1.1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.8.4~1.1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.6~1.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:05:18", "description": "Check for the Version of nss", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2010-3905", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310861798", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861798", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2010-3905\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 11\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037711.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861798\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-3905\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Fedora Update for nss FEDORA-2010-3905\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.6~1.2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:18:12", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-990-1", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl vulnerability USN-990-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840505", "href": "http://plugins.openvas.org/nasl.php?oid=840505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_990_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for openssl vulnerability USN-990-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\n protocols. If an attacker could perform a man in the middle attack at the\n start of a TLS connection, the attacker could inject arbitrary content at\n the beginning of the user's session. This update adds backported support\n for the new RFC5746 renegotiation extension and will use it when both the\n client and the server support it.\n\n ATTENTION: After applying this update, a patched server will allow both\n patched and unpatched clients to connect, but unpatched clients will not be\n able to renegotiate. For more information, please refer to the following:\n http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html\n http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-990-1\";\ntag_affected = \"openssl vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-990-1/\");\n script_id(840505);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"990-1\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"Ubuntu Update for openssl vulnerability USN-990-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8a-7ubuntu0.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15ubuntu3.5\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.10\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:57", "description": "The remote host is missing an update to nss-util\nannounced via advisory FEDORA-2009-12968.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12968 (nss-util)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66497", "href": "http://plugins.openvas.org/nasl.php?oid=66497", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12968.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12968 (nss-util)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to 3.12.5 This update fixes the following security flaw:\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nChangeLog:\n\n* Thu Dec 3 2009 Elio Maldonado - 3.12.5-1.1\n- Update to 3.12.5\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update nss-util' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12968\";\ntag_summary = \"The remote host is missing an update to nss-util\nannounced via advisory FEDORA-2009-12968.\";\n\n\n\nif(description)\n{\n script_id(66497);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12968 (nss-util)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.12.5~1.fc12.1\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:47", "description": "Check for the Version of openssl097a", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "RedHat Update for openssl097a RHSA-2010:0164-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:870236", "href": "http://plugins.openvas.org/nasl.php?oid=870236", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl097a RHSA-2010:0164-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handled session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update addresses this flaw by implementing the\n TLS Renegotiation Indication Extension, as defined in RFC 5746.\n (CVE-2009-3555)\n \n Refer to the following Knowledgebase article for additional details about\n this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n \n All openssl097a users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all services linked to the openssl097a library must be restarted,\n or the system rebooted.\";\n\ntag_affected = \"openssl097a on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00022.html\");\n script_id(870236);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0164-01\");\n script_cve_id(\"CVE-2009-3555\");\n script_name(\"RedHat Update for openssl097a RHSA-2010:0164-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl097a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl097a\", rpm:\"openssl097a~0.9.7a~9.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl097a-debuginfo\", rpm:\"openssl097a-debuginfo~0.9.7a~9.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-08-19T13:05:57", "description": "- Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1\n\n - update to 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1\n\n - update to 0.7.63\n\n - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\n - Sat Apr 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> 0.6.36-1\n\n - update to 0.6.36\n\n - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.35-3\n\n - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-2\n\n - rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-1\n\n - update to 0.6.35\n\n - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> - 0.6.34-2\n\n - rebuild with new openssl\n\n - Tue Dec 30 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.34-1\n\n - update to 0.6.34\n\n - Thu Dec 4 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.6.33-2\n\n - Fix inclusion of /usr/share/nginx tree => no unowned directories.\n\n - Sun Nov 23 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.33-1\n\n - update to 0.6.33\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-08T00:00:00", "type": "nessus", "title": "Fedora 10 : nginx-0.7.64-1.fc10 (2009-12775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nginx", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-12775.NASL", "href": "https://www.tenable.com/plugins/nessus/43033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12775.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43033);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_bugtraq_id(36384, 36839, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12775\");\n\n script_name(english:\"Fedora 10 : nginx-0.7.64-1.fc10 (2009-12775)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner\n dot org> - 0.7.64-1\n\n - update to 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.63-1\n\n - update to 0.7.63\n\n - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\n - Sat Apr 11 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> 0.6.36-1\n\n - update to 0.6.36\n\n - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at\n lists.fedoraproject.org> - 0.6.35-3\n\n - Rebuilt for\n https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.35-2\n\n - rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.35-1\n\n - update to 0.6.35\n\n - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> -\n 0.6.34-2\n\n - rebuild with new openssl\n\n - Tue Dec 30 2008 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.34-1\n\n - update to 0.6.34\n\n - Thu Dec 4 2008 Michael Schwendt <mschwendt at\n fedoraproject.org> - 0.6.33-2\n\n - Fix inclusion of /usr/share/nginx tree => no unowned\n directories.\n\n - Sun Nov 23 2008 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.33-1\n\n - update to 0.6.33\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539573\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032251.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3f8a5a6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nginx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"nginx-0.7.64-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:47", "description": "- Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1\n\n - Update to new stable 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1\n\n - Update to new stable 0.7.63\n\n - reinstate zlib dependency\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-08T00:00:00", "type": "nessus", "title": "Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nginx", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-12750.NASL", "href": "https://www.tenable.com/plugins/nessus/43032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12750.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43032);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_bugtraq_id(36384, 36839, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12750\");\n\n script_name(english:\"Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner\n dot org> - 0.7.64-1\n\n - Update to new stable 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.63-1\n\n - Update to new stable 0.7.63\n\n - reinstate zlib dependency\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539573\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032237.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72850b86\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nginx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"nginx-0.7.64-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:52", "description": "- Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1\n\n - update to 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1\n\n - update to 0.7.63\n\n - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-08T00:00:00", "type": "nessus", "title": "Fedora 11 : nginx-0.7.64-1.fc11 (2009-12782)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nginx", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-12782.NASL", "href": "https://www.tenable.com/plugins/nessus/43034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12782.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43034);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3555\", \"CVE-2009-3896\");\n script_bugtraq_id(36384, 36839, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12782\");\n\n script_name(english:\"Fedora 11 : nginx-0.7.64-1.fc11 (2009-12782)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner\n dot org> - 0.7.64-1\n\n - update to 0.7.64\n\n - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.63-1\n\n - update to 0.7.63\n\n - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539573\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032258.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72595697\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nginx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"nginx-0.7.64-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:26:46", "description": "The remote web server is running nginx, a lightweight, high performance web server / reverse proxy and email (IMAP/POP3) proxy.\n\nAccording to its Server response header, the installed version of nginx is affected by multiple vulnerabilities : - A remote buffer overflow attack related to its parsing of complex URIs.\n\n - A remote denial of service attack related to its parsing of HTTP request headers.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "nginx HTTP Request Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629", "CVE-2009-3896"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:nginx:nginx"], "id": "NGINX_HTTP_REQUEST_BUFFER_OVERFLOW.NASL", "href": "https://www.tenable.com/plugins/nessus/41608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41608);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2009-2629\", \"CVE-2009-3896\");\n script_bugtraq_id(36384, 36839);\n script_xref(name:\"CERT\", value:\"180065\");\n\n script_name(english:\"nginx HTTP Request Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The web server on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote web server is running nginx, a lightweight, high\nperformance web server / reverse proxy and email (IMAP/POP3) proxy.\n\nAccording to its Server response header, the installed version of\nnginx is affected by multiple vulnerabilities : - A remote buffer\noverflow attack related to its parsing of complex URIs.\n\n - A remote denial of service attack related to its parsing\n of HTTP request headers.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://nginx.net/CHANGES\");\n script_set_attribute(attribute:\"see_also\", value:\"http://nginx.org/en/CHANGES-0.7\");\n script_set_attribute(attribute:\"see_also\", value:\"http://nginx.org/en/CHANGES-0.6\");\n script_set_attribute(attribute:\"see_also\", value:\"http://nginx.org/en/CHANGES-0.5\");\n script_set_attribute(attribute:\"see_also\", value:\"http://sysoev.ru/nginx/patch.180065.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2009/Oct/306\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.8.15, 0.7.62, 0.6.39, 0.5.38, or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-2629\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nginx:nginx\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nginx_detect.nasl\", \"nginx_nix_installed.nbin\");\n script_require_keys(\"installed_sw/nginx\");\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nappname = 'nginx';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\napp_info = vcf::combined_get_app_info(app:appname);\n\nvcf::check_all_backporting(app_info:app_info);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n# If the detection is only remote, Detection Method won't be set, and we should require paranoia\nif (empty_or_null(app_info['Detection Method']) && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nconstraints = [\n {'min_version':'0.1.0', 'fixed_version':'0.5.38'},\n {'min_version':'0.6.0', 'fixed_version':'0.6.39'},\n {'min_version':'0.7.0', 'fixed_version':'0.7.62'},\n {'min_version':'0.8.0', 'fixed_version':'0.8.15'}\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:15", "description": "The remote host is running a version of nginx web server earlier than 0.5.38, 0.6.39, or 0.7.62. Such versions are potentially affected by a remote denial of service vulnerability because the application fails to to perform adequate bounds checking in the 'ngx_http_process_request_headers()' function of the 'src/http/ngx_http_request.c' source file. An attacker, exploiting this flaw, can cause the web server to crash, or potentially run arbitrary code subject to the privileges of the web server process.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-10-28T00:00:00", "type": "nessus", "title": "nginx HTTP Request Header Remote Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3896"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*"], "id": "5216.PRM", "href": "https://www.tenable.com/plugins/nnm/5216", "sourceData": "Binary data 5216.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:04:56", "description": "The remote host is affected by the vulnerability described in GLSA-201203-22 (nginx: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in nginx:\n The TLS protocol does not properly handle session renegotiation requests (CVE-2009-3555).\n The 'ngx_http_process_request_headers()' function in ngx_http_parse.c could cause a NULL pointer dereference (CVE-2009-3896).\n nginx does not properly sanitize user input for the the WebDAV COPY or MOVE methods (CVE-2009-3898).\n The 'ngx_resolver_copy()' function in ngx_resolver.c contains a boundary error which could cause a heap-based buffer overflow (CVE-2011-4315).\n nginx does not properly parse HTTP header responses which could expose sensitive information (CVE-2012-1180).\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the nginx process, cause a Denial of Service condition, create or overwrite arbitrary files, or obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-21T00:00:00", "type": "nessus", "title": "GLSA-201203-22 : nginx: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2009-3896", "CVE-2009-3898", "CVE-2011-4315", "CVE-2012-1180"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:nginx", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201203-22.NASL", "href": "https://www.tenable.com/plugins/nessus/59614", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201203-22.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59614);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3896\", \"CVE-2009-3898\", \"CVE-2011-4315\", \"CVE-2012-1180\");\n script_bugtraq_id(36490, 36839, 36935, 50710, 52578);\n script_xref(name:\"GLSA\", value:\"201203-22\");\n\n script_name(english:\"GLSA-201203-22 : nginx: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201203-22\n(nginx: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in nginx:\n The TLS protocol does not properly handle session renegotiation\n requests (CVE-2009-3555).\n The 'ngx_http_process_request_headers()' function in ngx_http_parse.c\n could cause a NULL pointer dereference (CVE-2009-3896).\n nginx does not properly sanitize user input for the the WebDAV COPY\n or MOVE methods (CVE-2009-3898).\n The 'ngx_resolver_copy()' function in ngx_resolver.c contains a\n boundary error which could cause a heap-based buffer overflow\n (CVE-2011-4315).\n nginx does not properly parse HTTP header responses which could\n expose sensitive information (CVE-2012-1180).\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the nginx process, cause a Denial of Service condition,\n create or overwrite arbitrary files, or obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201203-22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All nginx users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-1.0.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/nginx\", unaffected:make_list(\"ge 1.0.14\"), vulnerable:make_list(\"lt 1.0.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:19", "description": "Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process (www-data on Debian) or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1884-1 : nginx - buffer underflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:nginx", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1884.NASL", "href": "https://www.tenable.com/plugins/nessus/44749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1884. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44749);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2629\");\n script_xref(name:\"DSA\", value:\"1884\");\n\n script_name(english:\"Debian DSA-1884-1 : nginx - buffer underflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Ries discovered that nginx, a high-performance HTTP server,\nreverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer\nunderflow when processing certain HTTP requests. An attacker can use\nthis to execute arbitrary code with the rights of the worker process\n(www-data on Debian) or possibly perform denial of service attacks by\nrepeatedly crashing worker processes via a specially crafted URL in an\nHTTP request.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1884\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the nginx packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 0.4.13-2+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.6.32-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"nginx\", reference:\"0.4.13-2+etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"nginx\", reference:\"0.6.32-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:26", "description": "The remote host is running a version of nginx web server that is potentially affected by a remote buffer overflow vulnerability. Using a specially crafted HTTP request, an attacker can cause web server to crash, or potentially run arbitrary code subject to the privileges of the web server user.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-09-14T00:00:00", "type": "nessus", "title": "nginx HTTP Request Remote Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:igor_sysoev:nginx:*:*:*:*:*:*:*:*"], "id": "5174.PRM", "href": "https://www.tenable.com/plugins/nnm/5174", "sourceData": "Binary data 5174.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:44", "description": "- Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-16T00:00:00", "type": "nessus", "title": "Fedora 11 : nginx-0.7.62-1.fc11 (2009-9630)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nginx", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-9630.NASL", "href": "https://www.tenable.com/plugins/nessus/40995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9630.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40995);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2629\");\n script_bugtraq_id(36384);\n script_xref(name:\"FEDORA\", value:\"2009-9630\");\n\n script_name(english:\"Fedora 11 : nginx-0.7.62-1.fc11 (2009-9630)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=523105\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/029236.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3cd718a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nginx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"nginx-0.7.62-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:50", "description": "nginx development team reports :\n\nA segmentation fault might occur in worker process while specially crafted request handling.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-15T00:00:00", "type": "nessus", "title": "FreeBSD : nginx -- remote denial of service vulnerability (152b27f0-a158-11de-990c-e5b1d4c882e0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:nginx", "p-cpe:/a:freebsd:freebsd:nginx-devel", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_152B27F0A15811DE990CE5B1D4C882E0.NASL", "href": "https://www.tenable.com/plugins/nessus/40978", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40978);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2629\");\n\n script_name(english:\"FreeBSD : nginx -- remote denial of service vulnerability (152b27f0-a158-11de-990c-e5b1d4c882e0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"nginx development team reports :\n\nA segmentation fault might occur in worker process while specially\ncrafted request handling.\"\n );\n # http://nginx.net/CHANGES\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://nginx.org/en/CHANGES\"\n );\n # http://lists.debian.org/debian-security-announce/2009/msg00205.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-security-announce/2009/msg00205.html\"\n );\n # https://vuxml.freebsd.org/freebsd/152b27f0-a158-11de-990c-e5b1d4c882e0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c163f1ea\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:nginx-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"nginx<0.7.62\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"nginx-devel<0.8.15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:38", "description": "The remote host is affected by the vulnerability described in GLSA-200909-18 (nginx: Remote execution of arbitrary code)\n\n Chris Ries reported a heap-based buffer underflow in the ngx_http_parse_complex_uri() function in http/ngx_http_parse.c when parsing the request URI.\n Impact :\n\n A remote attacker might send a specially crafted request URI to a nginx server, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the server, or a Denial of Service. NOTE: By default, nginx runs as the 'nginx' user.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-21T00:00:00", "type": "nessus", "title": "GLSA-200909-18 : nginx: Remote execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:nginx", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200909-18.NASL", "href": "https://www.tenable.com/plugins/nessus/41022", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200909-18.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41022);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2629\");\n script_xref(name:\"GLSA\", value:\"200909-18\");\n\n script_name(english:\"GLSA-200909-18 : nginx: Remote execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200909-18\n(nginx: Remote execution of arbitrary code)\n\n Chris Ries reported a heap-based buffer underflow in the\n ngx_http_parse_complex_uri() function in http/ngx_http_parse.c when\n parsing the request URI.\n \nImpact :\n\n A remote attacker might send a specially crafted request URI to a nginx\n server, possibly resulting in the remote execution of arbitrary code\n with the privileges of the user running the server, or a Denial of\n Service. NOTE: By default, nginx runs as the 'nginx' user.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200909-18\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All nginx 0.5.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.5.38'\n All nginx 0.6.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.6.39'\n All nginx 0.7.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.7.62'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/nginx\", unaffected:make_list(\"rge 0.5.38\", \"rge 0.6.39\", \"ge 0.7.62\"), vulnerable:make_list(\"lt 0.7.62\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:36", "description": "- Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\n - Sat Apr 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> 0.6.36-1\n\n - update to 0.6.36\n\n - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.35-3\n\n - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-2\n\n - rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-1\n\n - update to 0.6.35\n\n - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> - 0.6.34-2\n\n - rebuild with new openssl\n\n - Tue Dec 30 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.34-1\n\n - update to 0.6.34\n\n - Thu Dec 4 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.6.33-2\n\n - Fix inclusion of /usr/share/nginx tree => no unowned directories.\n\n - Sun Nov 23 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.33-1\n\n - update to 0.6.33\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-16T00:00:00", "type": "nessus", "title": "Fedora 10 : nginx-0.7.62-1.fc10 (2009-9652)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2629"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nginx", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-9652.NASL", "href": "https://www.tenable.com/plugins/nessus/40996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9652.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40996);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2629\");\n script_bugtraq_id(36384);\n script_xref(name:\"FEDORA\", value:\"2009-9652\");\n\n script_name(english:\"Fedora 10 : nginx-0.7.62-1.fc10 (2009-9652)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.62-1\n\n - update to 0.7.62\n\n - fixes CVE-2009-2629\n\n - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.7.61-1\n\n - update to new stable 0.7.61\n\n - remove third-party module\n\n - Sat Apr 11 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> 0.6.36-1\n\n - update to 0.6.36\n\n - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at\n lists.fedoraproject.org> - 0.6.35-3\n\n - Rebuilt for\n https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.35-2\n\n - rebuild\n\n - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.35-1\n\n - update to 0.6.35\n\n - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> -\n 0.6.34-2\n\n - rebuild with new openssl\n\n - Tue Dec 30 2008 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.34-1\n\n - update to 0.6.34\n\n - Thu Dec 4 2008 Michael Schwendt <mschwendt at\n fedoraproject.org> - 0.6.33-2\n\n - Fix inclusion of /usr/share/nginx tree => no unowned\n directories.\n\n - Sun Nov 23 2008 Jeremy Hinegardner <jeremy at\n hinegardner dot org> - 0.6.33-1\n\n - update to 0.6.33\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=523105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/029250.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b45ba97d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nginx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"nginx-0.7.62-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nginx\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:05:01", "description": "This update fixes the safe renegotiation testing code which was missing in the previous update for CVE-2009-3555.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gnutls", "p-cpe:/a:novell:opensuse:libgnutls-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra26", "p-cpe:/a:novell:opensuse:libgnutls26", "p-cpe:/a:novell:opensuse:libgnutls26-32bit", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_GNUTLS-101206.NASL", "href": "https://www.tenable.com/plugins/nessus/75522", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gnutls-3647.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75522);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)\");\n script_summary(english:\"Check for the gnutls-3647 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the safe renegotiation testing code which was\nmissing in the previous update for CVE-2009-3555.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00051.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gnutls-2.8.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-devel-2.8.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-extra-devel-2.8.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-extra26-2.8.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls26-2.8.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libgnutls26-32bit-2.8.6-2.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:08", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-17T00:00:00", "type": "nessus", "title": "Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : openssl (SSA:2009-320-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0"], "id": "SLACKWARE_SSA_2009-320-01.NASL", "href": "https://www.tenable.com/plugins/nessus/42826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-320-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42826);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"SSA\", value:\"2009-320-01\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : openssl (SSA:2009-320-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, 13.0, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8609185\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack11.0\")) flag++;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack12.0\")) flag++;\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack12.1\")) flag++;\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"4_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"openssl\", pkgver:\"0.9.8i\", pkgarch:\"i486\", pkgnum:\"4_slack12.2\")) flag++;\nif (slackware_check(osver:\"12.2\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8i\", pkgarch:\"i486\", pkgnum:\"4_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl\", pkgver:\"0.9.8k\", pkgarch:\"i486\", pkgnum:\"3_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8k\", pkgarch:\"i486\", pkgnum:\"3_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8k\", pkgarch:\"x86_64\", pkgnum:\"3_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8k\", pkgarch:\"x86_64\", pkgnum:\"3_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"0.9.8l\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8l\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8l\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8l\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:08", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-17T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : OpenSSL (SAT Patch Number 1544)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:compat-openssl097g", "p-cpe:/a:novell:suse_linux:11:compat-openssl097g-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_COMPAT-OPENSSL097G-091113.NASL", "href": "https://www.tenable.com/plugins/nessus/42829", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42829);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"SuSE 11 Security Update : OpenSSL (SAT Patch Number 1544)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate data to a renegotiated connection. This\nallowed man-in-the-middle attackers to inject HTTP requests in a HTTPS\nsession without being noticed. For example Apache's mod_ssl was\nvulnerable to this kind of attack because it uses openssl. Please note\nthat renegotiation will be disabled by this update and may cause\nproblems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=553641\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3555.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1544.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"compat-openssl097g-0.9.7g-146.16.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-0.9.7g-146.16.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-146.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:11", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-19T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-certs", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBOPENSSL-DEVEL-091112.NASL", "href": "https://www.tenable.com/plugins/nessus/42854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-1554.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42854);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)\");\n script_summary(english:\"Check for the libopenssl-devel-1554 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate data to a renegotiated connection. This\nallowed man-in-the-middle attackers to inject HTTP requests in a HTTPS\nsession without being noticed. For example Apache's mod_ssl was\nvulnerable to this kind of attack because it uses openssl. Please note\nthat renegotiation will be disabled by this update and may cause\nproblems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=553641\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl-devel-0.9.8h-28.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl0_9_8-0.9.8h-28.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openssl-0.9.8h-28.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openssl-certs-0.9.8h-25.2.13\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-28.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:41:03", "description": "This update addresses CVE-2009-3555 (SSL/TLS renegotiation vulnerability), mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations. This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker: - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324) - Failed database transaction can cause mod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) - <Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341) - mod_auth_file handles 'getgroups' request incorrectly (bug 3347) - Segfault caused by scrubbing zero- length portion of memory (bug 3350) Finally, the behaviour of the MLSD FTP command (used in many modern FTP clients to list directories) is fixed for the case when the FTP server's configuration disallows its usage (using a <Limit> clause) in some but not all places (#544002).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-28T00:00:00", "type": "nessus", "title": "Fedora 12 : proftpd-1.3.2c-1.fc12 (2009-13250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:proftpd", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-13250.NASL", "href": "https://www.tenable.com/plugins/nessus/43604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-13250.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43604);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36804, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-13250\");\n\n script_name(english:\"Fedora 12 : proftpd-1.3.2c-1.fc12 (2009-13250)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses CVE-2009-3555 (SSL/TLS renegotiation\nvulnerability), mitigating the problem by refusing all\nclient-initiated SSL/TLS session renegotiations. This update to the\nlatest maintenance release also fixes a number of bugs recorded in the\nproftpd bug tracker: - SSL/TLS renegotiation vulnerability\n(CVE-2009-3555, bug 3324) - Failed database transaction can cause\nmod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) -\n<Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2\nsegfaults when a valid user retries the USER command (bug 3341) -\nmod_auth_file handles 'getgroups' request incorrectly (bug 3347) -\nSegfault caused by scrubbing zero- length portion of memory (bug 3350)\nFinally, the behaviour of the MLSD FTP command (used in many modern\nFTP clients to list directories) is fixed for the case when the FTP\nserver's configuration disallows its usage (using a <Limit> clause) in\nsome but not all places (#544002).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/033169.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b4a0b82\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected proftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"proftpd-1.3.2c-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:41:22", "description": "Update to 3.12.5 This update fixes the following security flaw:\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-10T00:00:00", "type": "nessus", "title": "Fedora 12 : nss-util-3.12.5-1.fc12.1 (2009-12968)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nss-util", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-12968.NASL", "href": "https://www.tenable.com/plugins/nessus/43092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12968.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43092);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"FEDORA\", value:\"2009-12968\");\n\n script_name(english:\"Fedora 12 : nss-util-3.12.5-1.fc12.1 (2009-12968)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 3.12.5 This update fixes the following security flaw:\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032443.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?33249dce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nss-util package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"nss-util-3.12.5-1.fc12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-util\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:39:32", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-18T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : OpenSSL (YOU Patch Number 12550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12550.NASL", "href": "https://www.tenable.com/plugins/nessus/42836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42836);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"SuSE9 Security Update : OpenSSL (YOU Patch Number 12550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate data to a renegotiated connection. This\nallowed man-in-the-middle attackers to inject HTTP requests in a HTTPS\nsession without being noticed. For example Apache's mod_ssl was\nvulnerable to this kind of attack because it uses openssl. Please note\nthat renegotiation will be disabled by this update and may cause\nproblems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3555.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12550.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"openssl-0.9.7d-15.41\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openssl-devel-0.9.7d-15.41\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openssl-doc-0.9.7d-15.41\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openssl-32bit-9-200911130943\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openssl-devel-32bit-9-200911130943\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:39:32", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:compat-openssl097g", "p-cpe:/a:novell:opensuse:compat-openssl097g-32bit", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_COMPAT-OPENSSL097G-091113.NASL", "href": "https://www.tenable.com/plugins/nessus/42837", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update compat-openssl097g-1548.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42837);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)\");\n script_summary(english:\"Check for the compat-openssl097g-1548 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate data to a renegotiated connection. This\nallowed man-in-the-middle attackers to inject HTTP requests in a HTTPS\nsession without being noticed. For example Apache's mod_ssl was\nvulnerable to this kind of attack because it uses openssl. Please note\nthat renegotiation will be disabled by this update and may cause\nproblems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=553641\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected compat-openssl097g packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"compat-openssl097g-0.9.7g-119.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-119.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:06:06", "description": "CVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nFor the update to take effect, all services linked to the openssl097a library must be restarted, or the system rebooted.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl097a on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100325_OPENSSL097A_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60757);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"Scientific Linux Security Update : openssl097a on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handled session\nrenegotiation. A man-in-the-middle attacker could use this flaw to\nprefix arbitrary plain text to a client's session (for example, an\nHTTPS connection to a website). This could force the server to process\nan attacker's request as if authenticated using the victim's\ncredentials. This update addresses this flaw by implementing the TLS\nRenegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details\nabout this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nFor the update to take effect, all services linked to the openssl097a\nlibrary must be restarted, or the system rebooted.\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-20491\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/20490\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1003&L=scientific-linux-errata&T=0&P=2492\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e39536a6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl097a package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"openssl097a-0.9.7a-9.el5_4.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:29", "description": "Update to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html http://marc.info/?l=tomcat-dev&m=125900987921402&w=2 http://marc.info/?l =tomcat-dev&m=125874793414940&w=2 http://marc.info/?l=tomcat- user&m=125874793614950&w=2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-18T00:00:00", "type": "nessus", "title": "Fedora 12 : tomcat-native-1.1.18-1.fc12 (2009-12229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat-native", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-12229.NASL", "href": "https://www.tenable.com/plugins/nessus/43327", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12229.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43327);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"FEDORA\", value:\"2009-12229\");\n\n script_name(english:\"Fedora 12 : tomcat-native-1.1.18-1.fc12 (2009-12229)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l =tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat- user&m=125874793614950&w=2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://marc.info/?l\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l\"\n );\n # http://marc.info/?l=tomcat-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=tomcat-\"\n );\n # http://marc.info/?l=tomcat-dev&m=125900987921402&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=tomcat-dev&m=125900987921402&w=2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032838.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb03b77e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat-native package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"tomcat-native-1.1.18-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat-native\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:38:54", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:compat-openssl097g", "p-cpe:/a:novell:opensuse:compat-openssl097g-32bit", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_COMPAT-OPENSSL097G-091113.NASL", "href": "https://www.tenable.com/plugins/nessus/42839", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update compat-openssl097g-1548.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42839);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)\");\n script_summary(english:\"Check for the compat-openssl097g-1548 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS/SSLv3 protocol as implemented in openssl prior to this update\nwas not able to associate data to a renegotiated connection. This\nallowed man-in-the-middle attackers to inject HTTP requests in a HTTPS\nsession without being noticed. For example Apache's mod_ssl was\nvulnerable to this kind of attack because it uses openssl. Please note\nthat renegotiation will be disabled by this update and may cause\nproblems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=553641\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected compat-openssl097g packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"compat-openssl097g-0.9.7g-149.5.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-149.5.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:41:43", "description": "This update addresses CVE-2009-3555 (SSL/TLS renegotiation vulnerability), mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations. This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker: - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324) - Failed database transaction can cause mod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) - <Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341) - mod_auth_file handles 'getgroups' request incorrectly (bug 3347) - Segfault caused by scrubbing zero- length portion of memory (bug 3350) Finally, the behaviour of the MLSD FTP command (used in many modern FTP clients to list directories) is fixed for the case when the FTP server's configuration disallows its usage (using a <Limit> clause) in some but not all places (#544002).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-28T00:00:00", "type": "nessus", "title": "Fedora 11 : proftpd-1.3.2c-1.fc11 (2009-13236)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:proftpd", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-13236.NASL", "href": "https://www.tenable.com/plugins/nessus/43603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-13236.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43603);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36804);\n script_xref(name:\"FEDORA\", value:\"2009-13236\");\n\n script_name(english:\"Fedora 11 : proftpd-1.3.2c-1.fc11 (2009-13236)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses CVE-2009-3555 (SSL/TLS renegotiation\nvulnerability), mitigating the problem by refusing all\nclient-initiated SSL/TLS session renegotiations. This update to the\nlatest maintenance release also fixes a number of bugs recorded in the\nproftpd bug tracker: - SSL/TLS renegotiation vulnerability\n(CVE-2009-3555, bug 3324) - Failed database transaction can cause\nmod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) -\n<Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2\nsegfaults when a valid user retries the USER command (bug 3341) -\nmod_auth_file handles 'getgroups' request incorrectly (bug 3347) -\nSegfault caused by scrubbing zero- length portion of memory (bug 3350)\nFinally, the behaviour of the MLSD FTP command (used in many modern\nFTP clients to list directories) is fixed for the case when the FTP\nserver's configuration disallows its usage (using a <Limit> clause) in\nsome but not all places (#544002).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/033227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0239a31b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected proftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"proftpd-1.3.2c-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:44", "description": "Update to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html http://marc.info/?l=tomcat-dev&m=125900987921402&w=2 http://marc.info/?l =tomcat-dev&m=125874793414940&w=2 http://marc.info/?l=tomcat- user&m=125874793614950&w=2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-18T00:00:00", "type": "nessus", "title": "Fedora 11 : tomcat-native-1.1.18-1.fc11 (2009-12305)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat-native", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-12305.NASL", "href": "https://www.tenable.com/plugins/nessus/43328", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12305.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43328);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"FEDORA\", value:\"2009-12305\");\n\n script_name(english:\"Fedora 11 : tomcat-native-1.1.18-1.fc11 (2009-12305)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.1.18, implementing a mitigation for CVE-2009-3555.\nhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\nhttp://marc.info/?l=tomcat-dev&m=125900987921402&w=2\nhttp://marc.info/?l =tomcat-dev&m=125874793414940&w=2\nhttp://marc.info/?l=tomcat- user&m=125874793614950&w=2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://marc.info/?l\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l\"\n );\n # http://marc.info/?l=tomcat-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=tomcat-\"\n );\n # http://marc.info/?l=tomcat-dev&m=125900987921402&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=tomcat-dev&m=125900987921402&w=2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032829.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bff3c0cc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat-native package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"tomcat-native-1.1.18-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat-native\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:10", "description": "A vulnerability was discovered and corrected in apache :\n\nApache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).\n\nAdditionally the SNI patch was upgraded for 2009.0/MES5 and 2009.1.\n\nThis update provides a solution to this vulnerability.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-09T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : apache (MDVSA-2009:295)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache-htcacheclean", "p-cpe:/a:mandriva:linux:apache-mod_authn_dbd", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache-mod_dbd", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp", "p-cpe:/a:mandriva:linux:apache-mod_proxy_scgi", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_userdir", "p-cpe:/a:mandriva:linux:apache-modules", "p-cpe:/a:mandriva:linux:apache-mpm-event", "p-cpe:/a:mandriva:linux:apache-mpm-itk", "p-cpe:/a:mandriva:linux:apache-mpm-peruser", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache-source", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2009-295.NASL", "href": "https://www.tenable.com/plugins/nessus/42429", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:295. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42429);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"MDVSA\", value:\"2009:295\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache (MDVSA-2009:295)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in apache :\n\nApache is affected by SSL injection or man-in-the-middle attacks due\nto a design flaw in the SSL and/or TLS protocols. A short term\nsolution was released Sat Nov 07 2009 by the ASF team to mitigate\nthese problems. Apache will now reject in-session renegotiation\n(CVE-2009-3555).\n\nAdditionally the SNI patch was upgraded for 2009.0/MES5 and 2009.1.\n\nThis update provides a solution to this vulnerability.\"\n );\n # http://marc.info/?l=apache-httpd-announce&amp;m=125755783724966&amp;w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a81680c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-htcacheclean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_authn_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_scgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-base-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-devel-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-htcacheclean-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_authn_dbd-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_cache-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_dav-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_dbd-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_deflate-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_disk_cache-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_file_cache-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_ldap-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_mem_cache-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_proxy-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_proxy_ajp-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_ssl-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_userdir-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-modules-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mpm-event-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mpm-itk-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mpm-peruser-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mpm-prefork-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mpm-worker-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-source-2.2.9-12.5mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-base-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-devel-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-htcacheclean-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_authn_dbd-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_cache-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_dav-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_dbd-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_deflate-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_disk_cache-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_file_cache-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_ldap-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_mem_cache-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_proxy-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_proxy_ajp-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_ssl-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mod_userdir-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-modules-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mpm-event-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mpm-itk-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mpm-peruser-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mpm-prefork-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-mpm-worker-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apache-source-2.2.11-10.6mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-base-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-devel-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-htcacheclean-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_authn_dbd-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_cache-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_dav-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_dbd-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_deflate-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_disk_cache-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_file_cache-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_ldap-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_mem_cache-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_proxy-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_proxy_ajp-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_proxy_scgi-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_ssl-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_userdir-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-modules-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mpm-event-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mpm-itk-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mpm-peruser-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mpm-prefork-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mpm-worker-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-source-2.2.14-1.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:37:45", "description": "Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling. (CVE-2009-3555)", "cvss3": {"score": null, "vector": null}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6978)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLA-NSS-6978.NASL", "href": "https://www.tenable.com/plugins/nessus/49896", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49896);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6978)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also\nimplements the new TLS/SSL renegotiation handling. (CVE-2009-3555)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3555.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6978.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"mozilla-nss-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"mozilla-nss-devel-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"mozilla-nss-tools-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"mozilla-nss-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"mozilla-nss-devel-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.6-3.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:03:53", "description": "IBM Java 1.4.2 was updated to version U13 FP 4 iFixes to fix the SSL renegotiation flaw reported as CVE-2009-3555, as well as SAP installer related bugs.", "cvss3": {"score": null, "vector": null}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-IBM-7036.NASL", "href": "https://www.tenable.com/plugins/nessus/59119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59119);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7036)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"IBM Java 1.4.2 was updated to version U13 FP 4 iFixes to fix the SSL\nrenegotiation flaw reported as CVE-2009-3555, as well as SAP installer\nrelated bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3555.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7036.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"java-1_4_2-ibm-1.4.2_sr13.4-1.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"java-1_4_2-ibm-devel-1.4.2_sr13.4-1.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:04", "description": "The version of Opera installed on the remote host is earlier than 10.50. Such versions are potentially affected by multiple vulnerabilities : \n\n - An error in the TLS protocol when handling session re-negotiations. (944)\n\n - An unspecified vulnerability.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2010-03-02T00:00:00", "type": "nessus", "title": "Opera < 10.50 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*"], "id": "5349.PRM", "href": "https://www.tenable.com/plugins/nnm/5349", "sourceData": "Binary data 5349.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-16T14:31:46", "description": "Update to NSS 3.12.6 The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : nss-3.12.6-1.2.fc11 (2010-3905)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nss", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-3905.NASL", "href": "https://www.tenable.com/plugins/nessus/47330", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-3905.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47330);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"FEDORA\", value:\"2010-3905\");\n\n script_name(english:\"Fedora 11 : nss-3.12.6-1.2.fc11 (2010-3905)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to NSS 3.12.6 The primary feature of NSS 3.12.6 is support for\nthe TLS Renegotiation Indication Extension, RFC 5746.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-March/037711.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ffae753c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"nss-3.12.6-1.2.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:12:45", "description": "From Red Hat Security Advisory 2010:0165 :\n\nUpdated nss packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of Red Hat Certificate System 7.3 and 8.0 should review the following Knowledgebase article before installing this update:\nhttp://kbase.redhat.com/faq/docs/DOC-28439\n\nAll users of NSS are advised to upgrade to these updated packages, which update NSS to version 3.12.6. This erratum also updates the NSPR packages to the version required by NSS 3.12.6. All running applications using the NSS library must be restarted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : nss (ELSA-2010-0165)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nspr", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-tools", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0165.NASL", "href": "https://www.tenable.com/plugins/nessus/68019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0165 and \n# Oracle Linux Security Advisory ELSA-2010-0165 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68019);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_xref(name:\"RHSA\", value:\"2010:0165\");\n\n script_name(english:\"Oracle Linux 4 / 5 : nss (ELSA-2010-0165)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0165 :\n\nUpdated nss packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handled session\nrenegotiation. A man-in-the-middle attacker could use this flaw to\nprefix arbitrary plain text to a client's session (for example, an\nHTTPS connection to a website). This could force the server to process\nan attacker's request as if authenticated using the victim's\ncredentials. This update addresses this flaw by implementing the TLS\nRenegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details\nabout this flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of Red Hat Certificate System 7.3 and 8.0 should review the\nfollowing Knowledgebase article before installing this update:\nhttp://kbase.redhat.com/faq/docs/DOC-28439\n\nAll users of NSS are advised to upgrade to these updated packages,\nwhich update NSS to version 3.12.6. This erratum also updates the NSPR\npackages to the version required by NSS 3.12.6. All running\napplications using the NSS library must be restarted for this update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-March/001402.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-March/001411.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"nspr-4.8.4-1.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nspr-devel-4.8.4-1.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-3.12.6-1.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-devel-3.12.6-1.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-tools-3.12.6-1.0.1.el4_8\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"nspr-4.8.4-1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nspr-devel-4.8.4-1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-3.12.6-1.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-devel-3.12.6-1.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-pkcs11-devel-3.12.6-1.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-tools-3.12.6-1.0.1.el5_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:35:47", "description": "USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555.\nUSN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue.\n\nAfter updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. For more information, please refer to:\nhttp://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotia tion\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-22T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2", "p-cpe:/a:canonical:ubuntu_linux:apache2-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-doc", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker", "p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-src", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom", "p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-common", "p-cpe:/a:canonical:ubuntu_linux:libapr0", "p-cpe:/a:canonical:ubuntu_linux:libapr0-dev", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-990-2.NASL", "href": "https://www.tenable.com/plugins/nessus/49644", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-990-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49644);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"USN\", value:\"990-2\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-860-1 introduced a partial workaround to Apache that disabled\nclient initiated TLS renegotiation in order to mitigate CVE-2009-3555.\nUSN-990-1 introduced the new RFC5746 renegotiation extension in\nopenssl, and completely resolves the issue.\n\nAfter updating openssl, an Apache server will allow both patched and\nunpatched web browsers to connect, but unpatched browsers will not be\nable to renegotiate. This update introduces the new\nSSLInsecureRenegotiation directive for Apache that may be used to\nre-enable insecure renegotiations with unpatched web browsers. For\nmore information, please refer to:\nhttp://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotia\ntion\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at\nthe start of a TLS connection, the attacker could inject arbitrary\ncontent at the beginning of the user's session. This update adds\nbackported support for the new RFC5746 renegotiation extension and\nwill use it when both the client and the server support it.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/990-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.04|9\\.10|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.04 / 9.10 / 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-common\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-doc\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-utils\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0-dev\", pkgver:\"2.0.55-4ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-src\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.8-1ubuntu0.18\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-src\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-suexec\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.11-2ubuntu2.7\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-doc\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-itk\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-suexec\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-utils\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2.2-bin\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2.2-common\", pkgver:\"2.2.12-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-mpm-itk\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-suexec\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2.2-bin\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.14-5ubuntu8.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-common / apache2-doc / apache2-mpm-event / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:28:59", "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-04-12T00:00:00", "type": "nessus", "title": "Ubuntu 9.10 : nss vulnerability (USN-927-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnss3-0d", "p-cpe:/a:canonical:ubuntu_linux:libnss3-1d", "p-cpe:/a:canonical:ubuntu_linux:libnss3-1d-dbg", "p-cpe:/a:canonical:ubuntu_linux:libnss3-dev", "p-cpe:/a:canonical:ubuntu_linux:libnss3-tools", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-927-1.NASL", "href": "https://www.tenable.com/plugins/nessus/45485", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-927-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45485);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"USN\", value:\"927-1\");\n\n script_name(english:\"Ubuntu 9.10 : nss vulnerability (USN-927-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at\nthe start of a TLS connection, the attacker could inject arbitrary\ncontent at the beginning of the user's session. This update adds\nsupport for the new new renegotiation extension and will use it when\nthe server supports it.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/927-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-0d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-1d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libnss3-0d\", pkgver:\"3.12.6-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libnss3-1d\", pkgver:\"3.12.6-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libnss3-1d-dbg\", pkgver:\"3.12.6-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libnss3-dev\", pkgver:\"3.12.6-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libnss3-tools\", pkgver:\"3.12.6-0ubuntu0.9.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss3-0d / libnss3-1d / libnss3-1d-dbg / libnss3-dev / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-16T14:04:51", "description": "The SSL-renegotiation 'authentication gap' has been fixed in gnutls.\nCVE-2009-3555 has been assigned to this issue.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gnutls", "p-cpe:/a:novell:opensuse:libgnutls-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra26", "p-cpe:/a:novell:opensuse:libgnutls26", "p-cpe:/a:novell:opensuse:libgnutls26-32bit", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_GNUTLS-101025.NASL", "href": "https://www.tenable.com/plugins/nessus/75521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gnutls-3388.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75521);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)\");\n script_summary(english:\"Check for the gnutls-3388 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SSL-renegotiation 'authentication gap' has been fixed in gnutls.\nCVE-2009-3555 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gnutls-2.8.6-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-devel-2.8.6-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-extra-devel-2.8.6-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls-extra26-2.8.6-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libgnutls26-2.8.6-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libgnutls26-32bit-2.8.6-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:31:46", "description": "Add implementation of the safe renegotiation extension to fix the CVE-2009-3555 security vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 12 : gnutls-2.8.6-2.fc12 (2010-9487)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnutls", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-9487.NASL", "href": "https://www.tenable.com/plugins/nessus/47537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9487.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47537);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_xref(name:\"FEDORA\", value:\"2010-9487\");\n\n script_name(english:\"Fedora 12 : gnutls-2.8.6-2.fc12 (2010-9487)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Add implementation of the safe renegotiation extension to fix the\nCVE-2009-3555 security vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/043445.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0000917\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"gnutls-2.8.6-2.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:24:42", "description": "The version of Opera installed on the remote host is earlier than 10.50. Such versions are potentially affected by multiple vulnerabilities : \n\n - An error in the TLS protocol when handling session re-negotiations. (944)\n\n - An unspecified vulnerability.\n\nIAVA Reference : 2011-A-0107\nIAVB Reference : 2012-B-0038\nSTIG Finding Severity : Category I", "cvss3": {"score": null, "vector": null}, "published": "2010-03-02T00:00:00", "type": "nessus", "title": "Opera < 10.50 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2010-03-02T00:00:00", "cpe": [], "id": "800857.PRM", "href": "https://www.tenable.com/plugins/lce/800857", "sourceData": "Binary data 800857.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-16T16:55:24", "description": "The SSL-renegotiation 'authentication gap' has been fixed in gnutls.\nCVE-2009-3555 has been assigned to this issue.", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gnutls", "p-cpe:/a:novell:opensuse:libgnutls-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra-devel", "p-cpe:/a:novell:opensuse:libgnutls-extra26", "p-cpe:/a:novell:opensuse:libgnutls26", "p-cpe:/a:novell:opensuse:libgnutls26-32bit", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_GNUTLS-101025.NASL", "href": "https://www.tenable.com/plugins/nessus/53660", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gnutls-3388.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53660);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)\");\n script_summary(english:\"Check for the gnutls-3388 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SSL-renegotiation 'authentication gap' has been fixed in gnutls.\nCVE-2009-3555 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-extra26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"gnutls-2.4.1-24.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgnutls-devel-2.4.1-24.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgnutls-extra-devel-2.4.1-24.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgnutls-extra26-2.4.1-24.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgnutls26-2.4.1-24.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libgnutls26-32bit-2.4.1-24.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:28:40", "description": "Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling. (CVE-2009-3555)", "cvss3": {"score": null, "vector": null}, "published": "2010-04-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6977)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLA-NSPR-6977.NASL", "href": "https://www.tenable.com/plugins/nessus/45499", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45499);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3555\");\n\n script_name(english:\"SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6977)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also\nimplements the new TLS/SSL renegotiation handling. (CVE-2009-3555)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3555.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6977.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nspr-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nspr-devel-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-devel-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-tools-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nspr-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nspr-devel-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nss-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nss-devel-3.12.6-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.8.2-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.6-3.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:29:29", "description": "According to the web server banner, the version of HP System Management Homepage (SMH) running on the remote host is potentially affected by the following vulnerabilities :\n\n - Session renegotiations are not handled properly, which could be exploited to insert arbitrary plaintext by a man-in-the-middle. (CVE-2009-3555)\n\n - An unspecified vulnerability in version 2.0.18 of the Namazu component, used by the Windows version of SMH.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2010-05-19T00:00:00", "type": "nessus", "title": "HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:hp:system_management_homepage"], "id": "HPSMH_6_1_0_102.NASL", "href": "https://www.tenable.com/plugins/nessus/46677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46677);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"SECUNIA\", value:\"39777\");\n\n script_name(english:\"HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server has multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the web server banner, the version of HP System\nManagement Homepage (SMH) running on the remote host is potentially\naffected by the following vulnerabilities :\n\n - Session renegotiations are not handled properly, which\n could be exploited to insert arbitrary plaintext by a\n man-in-the-middle. (CVE-2009-3555)\n\n - An unspecified vulnerability in version 2.0.18 of the\n Namazu component, used by the Windows version of SMH.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2010/May/139\");\n # http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=3884319&swItem=MTX-1b189d95582249b58d9ca94c45&prodNameId=3884320&swEnvOID=4024&swLang=13&taskId=135&mode=5\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4e8707ba\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to HP System Management Homepage 6.1.0.102 (Windows) /\n6.1.0-103 (Linux) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-3555\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nvar port = get_http_port(default:2381, embedded:TRUE);\n\nvar install = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\nvar dir = install['dir'];\nvar version = install['ver'];\nvar prod = get_kb_item_or_exit('www/'+port+'/hp_smh/variant');\nif (version == UNKNOWN_VER)\n audit(AUDIT_UNKNOWN_APP_VER, prod + ' installed at ' + build_url(port:port, qs:dir+'/'));\n\n# nb: 'version' can have non-numeric characters in it so we'll create\n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!preg(pattern:\"^[0-9][0-9.]+$\", string:version_alt))\n audit(AUDIT_NONNUMERIC_VER, prod + ' installed at ' + build_url(port:port, qs:dir+'/'), port, version);\n\n# technically 6.1.0.103 is the fix for Linux and 6.1.0.102 is the fix for\n# Windows, but there is no way to infer OS from the banner. since there\n# is no 6.1.0.102 publicly released for Linux, this check should be\n# Good Enough\nvar fixed_version = '6.1.0.102';\nif (ver_compare(ver:version_alt, fix:fixed_version, strict:FALSE) == -1)\n{\n var source_line = get_kb_item('www/'+port+'/hp_smh/source');\n\n var report = '\\n Product : ' + prod;\n if (!isnull(source_line))\n report += '\\n Version source : ' + source_line;\n report +=\n '\\n Installed version : ' + version +\n '\\n Fixed version : 6.1.0.102 (Windows) / 6.1.0-103 (Linux)\\n';\n\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-16T14:40:44", "description": "A vulnerability has been identified and corrected in proftpd :\n\nThe TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue (CVE-2009-3555).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers.\n\nThis update fixes this vulnerability.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : proftpd (MDVSA-2009:337)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:proftpd", "p-cpe:/a:mandriva:linux:proftpd-devel", "p-cpe:/a:mandriva:linux:proftpd-mod_autohost", "p-cpe:/a:mandriva:linux:proftpd-mod_ban", "p-cpe:/a:mandriva:linux:proftpd-mod_case", "p-cpe:/a:mandriva:linux:proftpd-mod_ctrls_admin", "p-cpe:/a:mandriva:linux:proftpd-mod_gss", "p-cpe:/a:mandriva:linux:proftpd-mod_ifsession", "p-cpe:/a:mandriva:linux:proftpd-mod_ldap", "p-cpe:/a:mandriva:linux:proftpd-mod_load", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_file", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_ldap", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_radius", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_sql", "p-cpe:/a:mandriva:linux:proftpd-mod_radius", "p-cpe:/a:mandriva:linux:proftpd-mod_ratio", "p-cpe:/a:mandriva:linux:proftpd-mod_rewrite", "p-cpe:/a:mandriva:linux:proftpd-mod_sftp", "p-cpe:/a:mandriva:linux:proftpd-mod_shaper", "p-cpe:/a:mandriva:linux:proftpd-mod_site_misc", "p-cpe:/a:mandriva:linux:proftpd-mod_sql", "p-cpe:/a:mandriva:linux:proftpd-mod_sql_mysql", "p-cpe:/a:mandriva:linux:proftpd-mod_sql_postgres", "p-cpe:/a:mandriva:linux:proftpd-mod_time", "p-cpe:/a:mandriva:linux:proftpd-mod_tls", "p-cpe:/a:mandriva:linux:proftpd-mod_vroot", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap_file", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap_sql", "cpe:/o:mandriva:linux:2008.0", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2009-337.NASL", "href": "https://www.tenable.com/plugins/nessus/43393", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:337. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43393);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3555\");\n script_bugtraq_id(36935);\n script_xref(name:\"MDVSA\", value:\"2009:337\");\n\n script_name(english:\"Mandriva Linux Security Advisory : proftpd (MDVSA-2009:337)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been identified and corrected in proftpd :\n\nThe TLS protocol, and the SSL protocol 3.0 and possibly earlier, as\nused in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in\nthe Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,\nGnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)\n3.12.4 and earlier, and other products, does not properly associate\nrenegotiation handshakes with an existing connection, which allows\nman-in-the-middle attackers to insert data into HTTPS sessions, and\npossibly other types of sessions protected by TLS or SSL, by sending\nan unauthenticated request that is processed retroactively by a server\nin a post-renegotiation context, related to a plaintext injection\nattack, aka the Project Mogul issue (CVE-2009-3555).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nThis update fixes this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.proftpd.org/show_bug.cgi?id=3324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_autohost\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ban\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_case\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ctrls_admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_gss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ifsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_load\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ratio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_rewrite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_shaper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_site_misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql_postgres\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_time\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_tls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_vroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap_file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-devel-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_autohost-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_ban-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_case-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_ctrls_admin-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_gss-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_ifsession-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_ldap-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_load-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_quotatab-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_quotatab_file-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_quotatab_ldap-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_quotatab_radius-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_quotatab_sql-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_radius-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_ratio-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_rewrite-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_shaper-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_site_misc-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_sql-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_sql_mysql-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_sql_postgres-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_time-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_tls-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_wrap-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_wrap_file-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"proftpd-mod_wrap_sql-1.3.2-0.3mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-devel-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_autohost-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_ban-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_case-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_ctrls_admin-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_gss-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_ifsession-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_ldap-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_load-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_quotatab-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_quotatab_file-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_quotatab_ldap-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_quotatab_radius-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_quotatab_sql-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_radius-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_ratio-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_rewrite-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_shaper-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_site_misc-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_sql-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_sql_mysql-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_sql_postgres-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_time-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_tls-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_vroot-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_wrap-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_wrap_file-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"proftpd-mod_wrap_sql-1.3.2-0.4mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-devel-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_autohost-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_ban-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_case-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_ctrls_admin-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_gss-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_ifsession-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_ldap-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_load-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_quotatab-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_quotatab_file-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_quotatab_ldap-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_quotatab_radius-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_quotatab_sql-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_radius-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_ratio-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_rewrite-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_sftp-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_shaper-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_site_misc-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_sql-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_sql_mysql-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_sql_postgres-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_time-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_tls-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_vroot-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_wrap-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_wrap_file-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"proftpd-mod_wrap_sql-1.3.2-4.3mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-devel-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_autohost-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_ban-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_case-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_ctrls_admin-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_gss-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_ifsession-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_ldap-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_load-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_quotatab-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_quotatab_file-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_quotatab_ldap-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_quotatab_radius-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_quotatab_sql-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_radius-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_ratio-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_rewrite-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_sftp-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_shaper-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_site_misc-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_sql-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_sql_mysql-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_sql_postgres-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_time-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_tls-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_vroot-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_wrap-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_wrap_file-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"proftpd-mod_wrap_sql-1.3.2b-1.2mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. ", "cvss3": {}, "published": "2009-12-07T07:27:32", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: nginx-0.7.64-1.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "modified": "2009-12-07T07:27:32", "id": "FEDORA:5502F10F89D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6OEYHK6QZUWZOMVCUFEOQ3RN5CHURPQV/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. ", "cvss3": {}, "published": "2009-12-07T07:26:07", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: nginx-0.7.64-1.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896"], "modified": "2009-12-07T07:26:07", "id": "FEDORA:E042E10F89C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VS33IU77H6QKADIHHMDAPFAJZ3BPECCQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. ", "cvss3": {}, "published": "2009-09-15T20:59:51", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: nginx-0.7.62-1.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2629"], "modified": "2009-09-15T20:59:51", "id": "FEDORA:7B89910F87D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FNFUQU3GB35DECHCXRDO37QTLMV54BHA/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. ", "cvss3": {}, "published": "2009-09-15T21:01:57", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: nginx-0.7.62-1.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2629"], "modified": "2009-09-15T21:01:57", "id": "FEDORA:300D410F886", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NAZEXWOBMMVKMJHP6IN567VASE7PSQLV/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Utilities for Network Security Services and the Softoken module ", "cvss3": {}, "published": "2009-12-10T04:13:15", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: nss-util