[SECURITY] Fedora 29 Update: python-urllib3-1.24.3-1.fc29

2019-06-13T01:38:45

Description

Python HTTP module with connection pooling and file POST abilities.

Affected Package

OS	OS Version	Package Name	Package Version
Fedora	29	python-urllib3	1.24.3

{"id": "FEDORA:3D5E8602DBD2", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 29 Update: python-urllib3-1.24.3-1.fc29", "description": "Python HTTP module with connection pooling and file POST abilities. ", "published": "2019-06-13T01:38:45", "modified": "2019-06-13T01:38:45", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "immutableFields": [], "lastseen": "2021-07-28T14:46:51", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:3335", "ALSA-2020:1605"]}, {"type": "amazon", "idList": ["ALAS-2019-1204", "ALAS-2019-1230", "ALAS-2019-1236", "ALAS-2019-1242", "ALAS-2019-1243", "ALAS-2019-1324", "ALAS-2020-1340", "ALAS-2020-1375", "ALAS-2020-1428", "ALAS-2020-1429", "ALAS2-2019-1247", "ALAS2-2020-1389", "ALAS2-2020-1413"]}, {"type": "centos", "idList": ["CESA-2019:2030", "CESA-2019:2272", "CESA-2020:0850", "CESA-2020:0851"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0388"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:EDF9B83EB83E197F691D5842752D4768"]}, {"type": "cve", "idList": ["CVE-2019-11236", "CVE-2019-18348", "CVE-2019-9740", "CVE-2019-9947"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1828-1:261F9", "DEBIAN:DLA-1834-1:7FA17", "DEBIAN:DLA-1835-1:96F0B", "DEBIAN:DLA-1835-2:87B43", "DEBIAN:DLA-2280-1:96280", "DEBIAN:DLA-2337-1:70801", "DEBIAN:DLA-2686-1:2EED1"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11236", "DEBIANCVE:CVE-2019-18348", "DEBIANCVE:CVE-2019-9740", "DEBIANCVE:CVE-2019-9947"]}, {"type": "fedora", "idList": ["FEDORA:4B77660C7BDE", "FEDORA:82887605B464", "FEDORA:9848360648DC", "FEDORA:9F764605D68D", "FEDORA:AB30161793DD", "FEDORA:BF65760525B8", "FEDORA:D75236076D16", "FEDORA:DBDE4606041A", "FEDORA:EA23E62567AD", "FEDORA:F3F93606FD7F"]}, {"type": "freebsd", "idList": ["18ED9650-A1D6-11E9-9B17-FCAA147E860E", "87270BA5-03D3-11EA-B81F-3085A9A95629", "A449C604-A43A-11E9-B422-FCAA147E860E"]}, {"type": "gentoo", "idList": ["GLSA-202003-26"]}, {"type": "ibm", "idList": ["42199350A15ECD574A4263D0A6005F41F9E7F2D6CBDAFC538A9528C9803327A0", "58C1DFD540547AB60466B1F4F820D3217038C6F41CEA4FCA665F19DF97CB0815", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1247.NASL", "AL2_ALAS-2020-1389.NASL", "AL2_ALAS-2020-1413.NASL", "ALA_ALAS-2019-1204.NASL", "ALA_ALAS-2019-1230.NASL", "ALA_ALAS-2019-1236.NASL", "ALA_ALAS-2019-1242.NASL", "ALA_ALAS-2019-1243.NASL", "ALA_ALAS-2019-1324.NASL", "ALA_ALAS-2020-1340.NASL", "ALA_ALAS-2020-1428.NASL", "ALA_ALAS-2020-1429.NASL", "ANSIBLE_TOWER_3_5_1.NASL", "CENTOS8_RHSA-2019-3335.NASL", "CENTOS8_RHSA-2019-3520.NASL", "CENTOS8_RHSA-2019-3590.NASL", "CENTOS8_RHSA-2020-1605.NASL", "CENTOS8_RHSA-2020-1916.NASL", "CENTOS_RHSA-2019-2030.NASL", "CENTOS_RHSA-2019-2272.NASL", "CENTOS_RHSA-2020-0850.NASL", "CENTOS_RHSA-2020-0851.NASL", "DEBIAN_DLA-1828.NASL", "DEBIAN_DLA-1834.NASL", "DEBIAN_DLA-1835.NASL", "DEBIAN_DLA-2280.NASL", "DEBIAN_DLA-2337.NASL", "DEBIAN_DLA-2686.NASL", "EULEROS_SA-2019-1657.NASL", "EULEROS_SA-2019-1658.NASL", "EULEROS_SA-2019-2184.NASL", "EULEROS_SA-2019-2225.NASL", "EULEROS_SA-2019-2239.NASL", "EULEROS_SA-2019-2442.NASL", "EULEROS_SA-2019-2653.NASL", "EULEROS_SA-2020-1176.NASL", "EULEROS_SA-2020-1177.NASL", "EULEROS_SA-2020-1212.NASL", "EULEROS_SA-2020-1213.NASL", "EULEROS_SA-2020-1275.NASL", "EULEROS_SA-2020-1277.NASL", "EULEROS_SA-2020-1340.NASL", "EULEROS_SA-2020-1354.NASL", "EULEROS_SA-2020-1643.NASL", "FEDORA_2019-1FFD6B6064.NASL", "FEDORA_2019-20BC611B61.NASL", "FEDORA_2019-57462FA10D.NASL", "FEDORA_2019-7723D4774A.NASL", "FEDORA_2019-7DF59302E0.NASL", "FEDORA_2019-B06EC6159B.NASL", "FEDORA_2019-D202CDA4F8.NASL", "FEDORA_2019-EC26883852.NASL", "FEDORA_2019-FBDA9F1E49.NASL", "FEDORA_2020-6148C44137.NASL", "FEDORA_2020-D0D9AD17D8.NASL", "FREEBSD_PKG_18ED9650A1D611E99B17FCAA147E860E.NASL", "FREEBSD_PKG_87270BA503D311EAB81F3085A9A95629.NASL", "FREEBSD_PKG_A449C604A43A11E9B422FCAA147E860E.NASL", "GENTOO_GLSA-202003-26.NASL", "NEWSTART_CGSL_NS-SA-2019-0187_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2019-0199_PYTHON-URLLIB3.NASL", "NEWSTART_CGSL_NS-SA-2019-0229_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2019-0246_PYTHON-URLLIB3.NASL", "NEWSTART_CGSL_NS-SA-2020-0035_PYTHON-PIP.NASL", "NEWSTART_CGSL_NS-SA-2020-0044_PYTHON-VIRTUALENV.NASL", "NEWSTART_CGSL_NS-SA-2020-0112_PYTHON-PIP.NASL", "NEWSTART_CGSL_NS-SA-2020-0118_PYTHON-VIRTUALENV.NASL", "OPENSUSE-2019-2131.NASL", "OPENSUSE-2019-2133.NASL", "ORACLELINUX_ELSA-2020-0850.NASL", "ORACLELINUX_ELSA-2020-0851.NASL", "PHOTONOS_PHSA-2019-1_0-0236_PYTHON2.NASL", "PHOTONOS_PHSA-2019-1_0-0237_PYTHON2.NASL", "PHOTONOS_PHSA-2019-1_0-0237_PYTHON3.NASL", "PHOTONOS_PHSA-2021-2_0-0393_PYTHON.NASL", "PHOTONOS_PHSA-2021-3_0-0246_PYTHON.NASL", "REDHAT-RHSA-2019-2030.NASL", "REDHAT-RHSA-2019-2272.NASL", "REDHAT-RHSA-2019-3335.NASL", "REDHAT-RHSA-2019-3520.NASL", "REDHAT-RHSA-2019-3590.NASL", "REDHAT-RHSA-2020-0850.NASL", "REDHAT-RHSA-2020-0851.NASL", "REDHAT-RHSA-2020-1268.NASL", "REDHAT-RHSA-2020-1346.NASL", "REDHAT-RHSA-2020-1462.NASL", "REDHAT-RHSA-2020-1605.NASL", "REDHAT-RHSA-2020-1916.NASL", "REDHAT-RHSA-2020-2068.NASL", "REDHAT-RHSA-2020-2081.NASL", "SLACKWARE_SSA_2019-293-01.NASL", "SL_20190806_PYTHON_ON_SL7_X.NASL", "SL_20190806_PYTHON_URLLIB3_ON_SL7_X.NASL", "SL_20200317_PYTHON_PIP_ON_SL7_X.NASL", "SL_20200317_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "SL_20200512_PYTHON_PIP_ON_SL7_X.NASL", "SL_20200512_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "UBUNTU_USN-3990-1.NASL", "UBUNTU_USN-4127-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844016", "OPENVAS:1361412562310844168", "OPENVAS:1361412562310852700", "OPENVAS:1361412562310852944", "OPENVAS:1361412562310876371", "OPENVAS:1361412562310876424", "OPENVAS:1361412562310876481", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876569", "OPENVAS:1361412562310876576", "OPENVAS:1361412562310876974", "OPENVAS:1361412562310876976", "OPENVAS:1361412562310877282", "OPENVAS:1361412562310877340", "OPENVAS:1361412562310877371", "OPENVAS:1361412562310883205", "OPENVAS:1361412562310883207", "OPENVAS:1361412562310891828", "OPENVAS:1361412562310891834", "OPENVAS:1361412562310891835", "OPENVAS:1361412562310892280", "OPENVAS:1361412562311220191657", "OPENVAS:1361412562311220191658", "OPENVAS:1361412562311220192184", "OPENVAS:1361412562311220192225", "OPENVAS:1361412562311220192239", "OPENVAS:1361412562311220192442", "OPENVAS:1361412562311220192653", "OPENVAS:1361412562311220201176", "OPENVAS:1361412562311220201177", "OPENVAS:1361412562311220201212", "OPENVAS:1361412562311220201213", "OPENVAS:1361412562311220201275", "OPENVAS:1361412562311220201277", "OPENVAS:1361412562311220201340", "OPENVAS:1361412562311220201354", "OPENVAS:1361412562311220201532", "OPENVAS:1361412562311220201643"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2030", "ELSA-2019-2272", "ELSA-2019-3335", "ELSA-2019-3520", "ELSA-2020-0850", "ELSA-2020-0851", "ELSA-2020-1605", "ELSA-2020-1916", "ELSA-2020-2068", "ELSA-2020-2081"]}, {"type": "photon", "idList": ["PHSA-2019-0016", "PHSA-2019-0161", "PHSA-2019-0237", "PHSA-2019-1.0-0237", "PHSA-2019-2.0-0161", "PHSA-2019-3.0-0016", "PHSA-2021-0246", "PHSA-2021-0393", "PHSA-2021-0442", "PHSA-2021-2.0-0393", "PHSA-2021-3.0-0246"]}, {"type": "redhat", "idList": ["RHSA-2019:1260", "RHSA-2019:2030", "RHSA-2019:2272", "RHSA-2019:3335", "RHSA-2019:3520", "RHSA-2019:3590", "RHSA-2019:3725", "RHSA-2020:0850", "RHSA-2020:0851", "RHSA-2020:1268", "RHSA-2020:1346", "RHSA-2020:1462", "RHSA-2020:1605", "RHSA-2020:1916", "RHSA-2020:2068", "RHSA-2020:2081", "RHSA-2020:3194", "RHSA-2020:4298"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-11236", "RH:CVE-2020-11078"]}, {"type": "slackware", "idList": ["SSA-2019-293-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2131-1", "OPENSUSE-SU-2019:2133-1"]}, {"type": "ubuntu", "idList": ["USN-3990-1", "USN-3990-2", "USN-4127-1", "USN-4127-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11236", "UB:CVE-2019-9740"]}]}, "score": {"value": 6.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:3335", "ALSA-2020:1605"]}, {"type": "amazon", "idList": ["ALAS-2019-1204", "ALAS-2019-1230", "ALAS-2019-1236", "ALAS-2019-1242", "ALAS-2019-1243"]}, {"type": "centos", "idList": ["CESA-2019:2030", "CESA-2019:2272"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0388"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:EDF9B83EB83E197F691D5842752D4768"]}, {"type": "cve", "idList": ["CVE-2019-11236", "CVE-2019-9740"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1828-1:261F9", "DEBIAN:DLA-1834-1:7FA17", "DEBIAN:DLA-1835-1:96F0B", "DEBIAN:DLA-1835-2:87B43", "DEBIAN:DLA-2686-1:2EED1"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11236", "DEBIANCVE:CVE-2019-9740"]}, {"type": "fedora", "idList": ["FEDORA:4B77660C7BDE", "FEDORA:82887605B464", "FEDORA:9848360648DC", "FEDORA:9F764605D68D", "FEDORA:AB30161793DD", "FEDORA:BF65760525B8", "FEDORA:D75236076D16", "FEDORA:DBDE4606041A", "FEDORA:EA23E62567AD", "FEDORA:F3F93606FD7F"]}, {"type": "freebsd", "idList": ["18ED9650-A1D6-11E9-9B17-FCAA147E860E", "A449C604-A43A-11E9-B422-FCAA147E860E"]}, {"type": "gentoo", "idList": ["GLSA-202003-26"]}, {"type": "ibm", "idList": ["42199350A15ECD574A4263D0A6005F41F9E7F2D6CBDAFC538A9528C9803327A0"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1247.NASL", "ALA_ALAS-2019-1204.NASL", "ALA_ALAS-2019-1230.NASL", "ALA_ALAS-2019-1236.NASL", "ALA_ALAS-2019-1242.NASL", "ALA_ALAS-2019-1243.NASL", "ANSIBLE_TOWER_3_5_1.NASL", "CENTOS_RHSA-2019-2030.NASL", "CENTOS_RHSA-2019-2272.NASL", "DEBIAN_DLA-1828.NASL", "DEBIAN_DLA-1834.NASL", "DEBIAN_DLA-1835.NASL", "DEBIAN_DLA-2686.NASL", "EULEROS_SA-2019-1657.NASL", "EULEROS_SA-2019-1658.NASL", "EULEROS_SA-2020-1176.NASL", "EULEROS_SA-2020-1177.NASL", "EULEROS_SA-2020-1212.NASL", "EULEROS_SA-2020-1213.NASL", "FEDORA_2019-1FFD6B6064.NASL", "FEDORA_2019-20BC611B61.NASL", "FEDORA_2019-7723D4774A.NASL", "FEDORA_2019-7DF59302E0.NASL", "FEDORA_2019-EC26883852.NASL", "FEDORA_2019-FBDA9F1E49.NASL", "FREEBSD_PKG_18ED9650A1D611E99B17FCAA147E860E.NASL", "FREEBSD_PKG_A449C604A43A11E9B422FCAA147E860E.NASL", "GENTOO_GLSA-202003-26.NASL", "NEWSTART_CGSL_NS-SA-2019-0187_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2019-0199_PYTHON-URLLIB3.NASL", "OPENSUSE-2019-2131.NASL", "OPENSUSE-2019-2133.NASL", "PHOTONOS_PHSA-2019-1_0-0236_PYTHON2.NASL", "PHOTONOS_PHSA-2019-1_0-0237_PYTHON2.NASL", "PHOTONOS_PHSA-2019-1_0-0237_PYTHON3.NASL", "PHOTONOS_PHSA-2021-2_0-0393_PYTHON.NASL", "PHOTONOS_PHSA-2021-3_0-0246_PYTHON.NASL", "REDHAT-RHSA-2019-2030.NASL", "REDHAT-RHSA-2019-2272.NASL", "REDHAT-RHSA-2020-0851.NASL", "SLACKWARE_SSA_2019-293-01.NASL", "SL_20190806_PYTHON_ON_SL7_X.NASL", "SL_20190806_PYTHON_URLLIB3_ON_SL7_X.NASL", "SL_20200317_PYTHON_PIP_ON_SL7_X.NASL", "SL_20200317_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "UBUNTU_USN-3990-1.NASL", "UBUNTU_USN-4127-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844016", "OPENVAS:1361412562310844168", "OPENVAS:1361412562310852700", "OPENVAS:1361412562310876371", "OPENVAS:1361412562310876424", "OPENVAS:1361412562310876481", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876569", "OPENVAS:1361412562310876576", "OPENVAS:1361412562310891828", "OPENVAS:1361412562310891834", "OPENVAS:1361412562310891835", "OPENVAS:1361412562311220201176", "OPENVAS:1361412562311220201177", "OPENVAS:1361412562311220201212", "OPENVAS:1361412562311220201213"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2030", "ELSA-2019-2272", "ELSA-2020-0850", "ELSA-2020-0851"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0237", "PHSA-2019-2.0-0161", "PHSA-2019-3.0-0016", "PHSA-2021-2.0-0393", "PHSA-2021-3.0-0246"]}, {"type": "redhat", "idList": ["RHSA-2019:3590"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-11078"]}, {"type": "slackware", "idList": ["SSA-2019-293-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2131-1", "OPENSUSE-SU-2019:2133-1"]}, {"type": "ubuntu", "idList": ["USN-3990-1", "USN-3990-2", "USN-4127-1", "USN-4127-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11236", "UB:CVE-2019-9740"]}]}, "exploitation": null, "vulnersScore": 6.8}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "29", "arch": "any", "packageVersion": "1.24.3", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "python-urllib3"}]}

{"fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Python HTTP module with connection pooling and file POST abilities. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-06-12T14:48:30", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python-urllib3-1.24.3-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "modified": "2019-06-12T14:48:30", "id": "FEDORA:AB30161793DD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "pip is a package management system used to install and manage software pack ages written in Python. Many packages can be found in the Python Package Index (PyPI). pip is a recursive acronym that can stand for either \"Pip Installs Packages\" or \"Pip Installs Python\". ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-01-08T11:55:39", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: python-pip-19.1.1-7.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-01-08T11:55:39", "id": "FEDORA:D75236076D16", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "pip is a package management system used to install and manage software pack ages written in Python. Many packages can be found in the Python Package Index (PyPI). pip is a recursive acronym that can stand for either \"Pip Installs Packages\" or \"Pip Installs Python\". ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-01-20T03:19:41", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python-pip-19.0.3-6.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-01-20T03:19:41", "id": "FEDORA:82887605B464", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the \"python3\" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs packag e, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages, which may need to be installed separately. Documentation for Python is provided in the python3-docs package. Packages containing additional libraries for Python are generally named with the \"python3-\" prefix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-17T01:08:18", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python3-3.7.3-3.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2019-05-17T01:08:18", "id": "FEDORA:4B77660C7BDE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-12T00:59:43", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python36-3.6.9-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10160", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2019-07-12T00:59:43", "id": "FEDORA:EA23E62567AD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the \"python3\" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs packag e, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages, which may need to be installed separately. Documentation for Python is provided in the python3-docs package. Packages containing additional libraries for Python are generally named with the \"python3-\" prefix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-27T03:24:11", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: python3-3.7.3-3.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5010", "CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2019-05-27T03:24:11", "id": "FEDORA:F3F93606FD7F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-12T06:18:09", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: python36-3.6.9-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14647", "CVE-2019-10160", "CVE-2019-5010", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2019-07-12T06:18:09", "id": "FEDORA:DBDE4606041A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-11-09T22:40:00", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python35-3.5.8-2.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10160", "CVE-2019-16056", "CVE-2019-16935", "CVE-2019-18348", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2019-11-09T22:40:00", "id": "FEDORA:BF65760525B8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-11-11T01:06:32", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: python35-3.5.8-2.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10160", "CVE-2019-16056", "CVE-2019-16935", "CVE-2019-18348", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2019-11-11T01:06:32", "id": "FEDORA:9848360648DC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-06-14T12:42:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-13T00:00:00", "type": "openvas", "title": "Fedora Update for python-urllib3 FEDORA-2019-fbda9f1e49", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "modified": "2019-06-13T00:00:00", "id": "OPENVAS:1361412562310876481", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876481", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876481\");\n script_version(\"2019-06-13T11:51:34+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-06-13 11:51:34 +0000 (Thu, 13 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-13 02:13:08 +0000 (Thu, 13 Jun 2019)\");\n script_name(\"Fedora Update for python-urllib3 FEDORA-2019-fbda9f1e49\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-fbda9f1e49\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the FEDORA-2019-fbda9f1e49 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python HTTP module with connection pooling and file POST abilities.\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.24.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-17T15:52:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201643", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201643", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1643\");\n script_version(\"2020-06-16T05:47:50+0000\");\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:47:50 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:47:50 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1643)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1643\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1643\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2020-1643 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.15.1~2.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-06-14T12:42:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-13T00:00:00", "type": "openvas", "title": "Fedora Update for python-urllib3 FEDORA-2019-20bc611b61", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "modified": "2019-06-13T00:00:00", "id": "OPENVAS:1361412562310876483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876483", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876483\");\n script_version(\"2019-06-13T11:51:34+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-06-13 11:51:34 +0000 (Thu, 13 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-13 02:13:11 +0000 (Thu, 13 Jun 2019)\");\n script_name(\"Fedora Update for python-urllib3 FEDORA-2019-20bc611b61\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-20bc611b61\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the FEDORA-2019-20bc611b61 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python HTTP module with connection pooling and file POST abilities.\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.24.3~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T16:29:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for python-urllib3 (openSUSE-SU-2019:2133-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11324", "CVE-2019-11236", "CVE-2019-9740"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852944", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852944", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852944\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:46:58 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for python-urllib3 (openSUSE-SU-2019:2133-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2133-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the openSUSE-SU-2019:2133-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for python-urllib3 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificate verification (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2133=1\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-urllib3\", rpm:\"python2-urllib3~1.24~lp151.2.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-urllib3-test\", rpm:\"python2-urllib3-test~1.24~lp151.2.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-urllib3\", rpm:\"python3-urllib3~1.24~lp151.2.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-urllib3-test\", rpm:\"python3-urllib3-test~1.24~lp151.2.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:35:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2019-2239)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-9740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192239", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192239", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2239\");\n script_version(\"2020-01-23T12:42:34+0000\");\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:42:34 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:42:34 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2019-2239)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2239\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2239\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2019-2239 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\nurllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.(CVE-2018-20060)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.10.2~2.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:53:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for python-urllib3 (openSUSE-SU-2019:2131-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11324", "CVE-2019-11236", "CVE-2019-9740"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852700", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852700", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852700\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-15 02:00:37 +0000 (Sun, 15 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for python-urllib3 (openSUSE-SU-2019:2131-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2131-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the openSUSE-SU-2019:2131-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for python-urllib3 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificate verification (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663).\n\n - CVE-2018-20060: Remove Authorization header when redirecting cross-host\n (bsc#1119376).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2131=1\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-urllib3\", rpm:\"python2-urllib3~1.22~lp150.5.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-urllib3\", rpm:\"python3-urllib3~1.22~lp150.5.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:41:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2019-1657)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191657", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191657", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1657\");\n script_version(\"2020-01-23T12:19:11+0000\");\n script_cve_id(\"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:19:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:19:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2019-1657)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1657\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1657\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python2' package(s) announced via the EulerOS-SA-2019-1657 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\");\n\n script_tag(name:\"affected\", value:\"'python2' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-unversioned-command\", rpm:\"python-unversioned-command~2.7.15~10.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2\", rpm:\"python2~2.7.15~10.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-devel\", rpm:\"python2-devel~2.7.15~10.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-libs\", rpm:\"python2-libs~2.7.15~10.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-23T14:58:28", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1277)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201277", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201277", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1277\");\n script_version(\"2020-03-19T13:43:31+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:31 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:31 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1277)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1277\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1277\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2020-1277 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.10.2~2.h2\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:37:16", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2019-2184)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192184", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2184\");\n script_version(\"2020-01-23T12:37:42+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:37:42 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:37:42 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2019-2184)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2184\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2184\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2019-2184 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.10.2~2.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-03T17:08:46", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-01T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-04-01T00:00:00", "id": "OPENVAS:1361412562311220201340", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201340", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1340\");\n script_version(\"2020-04-01T13:54:02+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-01 13:54:02 +0000 (Wed, 01 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-01 13:54:02 +0000 (Wed, 01 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1340)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1340\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1340\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2020-1340 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-urllib3\", rpm:\"python2-urllib3~1.23~4.h4.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-14T16:49:05", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1213)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201213", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201213", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1213\");\n script_version(\"2020-03-13T07:15:12+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:15:12 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:15:12 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1213)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1213\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1213\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2020-1213 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-urllib3\", rpm:\"python-urllib3~1.10.2~2.h3\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-29T19:30:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for python-urllib3 (DLA-1828-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891828", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891828\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-21 02:00:07 +0000 (Fri, 21 Jun 2019)\");\n script_name(\"Debian LTS: Security Advisory for python-urllib3 (DLA-1828-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1828-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/927172\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the DLA-1828-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A vulnerability was discovered in python-urllib3, an HTTP library with\n thread-safe connection pooling, whereby an attacker can inject CRLF\n characters in the request parameter.\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n 1.9.1-3+deb8u1.\n\n We recommend that you upgrade your python-urllib3 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"python-urllib3\", ver:\"1.9.1-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-urllib3-whl\", ver:\"1.9.1-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-urllib3\", ver:\"1.9.1-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-26T20:47:30", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-02-25T00:00:00", "id": "OPENVAS:1361412562311220201177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201177", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1177\");\n script_version(\"2020-02-25T13:58:03+0000\");\n script_cve_id(\"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 13:58:03 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-25 13:58:03 +0000 (Tue, 25 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1177)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1177\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1177\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-urllib3' package(s) announced via the EulerOS-SA-2020-1177 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-urllib3\", rpm:\"python2-urllib3~1.23~4.h4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-urllib3\", rpm:\"python3-urllib3~1.23~4.h4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:37:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2019-1658)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191658", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191658", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1658\");\n script_version(\"2020-01-23T12:19:12+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:19:12 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:19:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2019-1658)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1658\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1658\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python3' package(s) announced via the EulerOS-SA-2019-1658 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\n An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.(CVE-2019-9947)\");\n\n script_tag(name:\"affected\", value:\"'python3' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.7.0~9.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-libs\", rpm:\"python3-libs~3.7.0~9.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-test\", rpm:\"python3-test~3.7.0~9.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-26T20:50:17", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1176)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11324", "CVE-2019-11236"], "modified": "2020-02-25T00:00:00", "id": "OPENVAS:1361412562311220201176", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201176", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1176\");\n script_version(\"2020-02-25T13:58:01+0000\");\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 13:58:01 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-25 13:58:01 +0000 (Tue, 25 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1176)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1176\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1176\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-pip' package(s) announced via the EulerOS-SA-2020-1176 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\");\n\n script_tag(name:\"affected\", value:\"'python-pip' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pip-wheel\", rpm:\"python-pip-wheel~18.0~4.h7.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-pip\", rpm:\"python2-pip~18.0~4.h7.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-pip\", rpm:\"python3-pip~18.0~4.h7.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-03T17:09:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-01T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1354)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11324", "CVE-2019-11236"], "modified": "2020-04-01T00:00:00", "id": "OPENVAS:1361412562311220201354", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201354", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1354\");\n script_version(\"2020-04-01T13:54:42+0000\");\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-01 13:54:42 +0000 (Wed, 01 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-01 13:54:42 +0000 (Wed, 01 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1354)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1354\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1354\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-pip' package(s) announced via the EulerOS-SA-2020-1354 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\");\n\n script_tag(name:\"affected\", value:\"'python-pip' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pip-wheel\", rpm:\"python-pip-wheel~18.0~4.h7.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-14T14:48:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for python-pip FEDORA-2020-6148c44137", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11324", "CVE-2019-11236"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877340", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877340", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877340\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-11324\", \"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 11:05:45 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for python-pip FEDORA-2020-6148c44137\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-6148c44137\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pip'\n package(s) announced via the FEDORA-2020-6148c44137 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"pip is a package management system used to install and manage software packages\nwritten in Python. Many packages can be found in the Python Package Index\n(PyPI). pip is a recursive acronym that can stand for either 'Pip Installs\nPackages' or 'Pip Installs Python'.\");\n\n script_tag(name:\"affected\", value:\"'python-pip' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pip\", rpm:\"python-pip~19.1.1~7.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-29T18:33:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for python-pip (FEDORA-2020-d0d9ad17d8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11324", "CVE-2019-11236"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310877371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877371", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877371\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2019-11324\", \"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:25:01 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"Fedora: Security Advisory for python-pip (FEDORA-2020-d0d9ad17d8)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-d0d9ad17d8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pip'\n package(s) announced via the FEDORA-2020-d0d9ad17d8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"pip is a package management system used to install and manage software packages\nwritten in Python. Many packages can be found in the Python Package Index\n(PyPI). pip is a recursive acronym that can stand for either 'Pip Installs\nPackages' or 'Pip Installs Python'.\");\n\n script_tag(name:\"affected\", value:\"'python-pip' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pip\", rpm:\"python-pip~19.0.3~6.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2019-1ffd6b6064", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876371", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876371\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\", \"CVE-2019-9636\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-17 02:12:18 +0000 (Fri, 17 May 2019)\");\n script_name(\"Fedora Update for python3 FEDORA-2019-1ffd6b6064\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1ffd6b6064\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3'\n package(s) announced via the FEDORA-2019-1ffd6b6064 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python is an accessible, high-level, dynamically typed, interpreted programming\nlanguage, designed with an emphasis on code readability.\nIt includes an extensive standard library, and has a vast ecosystem of\nthird-party libraries.\n\nThe python3 package provides the 'python3' executable: the reference\ninterpreter for the Python language, version 3.\nThe majority of its standard library is provided in the python3-libs package,\nwhich should be installed automatically along with python3.\nThe remaining parts of the Python standard library are broken out into the\npython3-tkinter and python3-test packages, which may need to be installed\nseparately.\n\nDocumentation for Python is provided in the python3-docs package.\n\nPackages containing additional libraries for Python are generally named with\nthe 'python3-' prefix.\");\n\n script_tag(name:\"affected\", value:\"'python3' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.7.3~3.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-07-19T21:44:18", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-07-13T00:00:00", "type": "openvas", "title": "Fedora Update for python36 FEDORA-2019-7723d4774a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-10160"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310876569", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876569", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876569\");\n script_version(\"2019-07-17T08:19:47+0000\");\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-10160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:19:47 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-13 02:14:27 +0000 (Sat, 13 Jul 2019)\");\n script_name(\"Fedora Update for python36 FEDORA-2019-7723d4774a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7723d4774a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'python36' package(s) announced via the FEDORA-2019-7723d4774a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.6 package for developers.\n\nThis package exists to allow developers to test their code against an older\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.6, see other distributions\nthat support it, such as CentOS or RHEL with Software Collections\nor older Fedora releases.\");\n\n script_tag(name:\"affected\", value:\"'python36' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python36\", rpm:\"python36~3.6.9~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-06-05T01:41:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for python-urllib3 USN-3990-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11324", "CVE-2019-11236"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310844016", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844016", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844016\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-22 02:00:47 +0000 (Wed, 22 May 2019)\");\n script_name(\"Ubuntu Update for python-urllib3 USN-3990-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.10|UBUNTU19\\.04|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3990-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-May/004909.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-urllib3'\n package(s) announced via the USN-3990-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that urllib3 incorrectly removed Authorization HTTP\nheaders when handled cross-origin redirects. This could result in\ncredentials being sent to unintended hosts. This issue only affected Ubuntu\n16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20060)\n\nIt was discovered that urllib3 incorrectly stripped certain characters from\nrequests. A remote attacker could use this issue to perform CRLF injection.\n(CVE-2019-11236)\n\nIt was discovered that urllib3 incorrectly handled situations where a\ndesired set of CA certificates were specified. This could result in\ncertificates being accepted by the default CA certificates contrary to\nexpectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and\nUbuntu 19.04. (CVE-2019-11324)\");\n\n script_tag(name:\"affected\", value:\"'python-urllib3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-urllib3\", ver:\"1.22-1ubuntu0.18.10.1\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-urllib3\", ver:\"1.22-1ubuntu0.18.10.1\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-urllib3\", ver:\"1.24.1-1ubuntu0.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-urllib3\", ver:\"1.24.1-1ubuntu0.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-urllib3\", ver:\"1.22-1ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-urllib3\", ver:\"1.22-1ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-urllib3\", ver:\"1.13.1-2ubuntu0.16.04.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-urllib3\", ver:\"1.13.1-2ubuntu0.16.04.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-08T21:53:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-26T00:00:00", "type": "openvas", "title": "CentOS: Security Advisory for python-virtualenv (CESA-2020:0851)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2018-18074"], "modified": "2020-06-05T00:00:00", "id": "OPENVAS:1361412562310883205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883205", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883205\");\n script_version(\"2020-06-05T06:49:56+0000\");\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-05 06:49:56 +0000 (Fri, 05 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-26 04:01:03 +0000 (Thu, 26 Mar 2020)\");\n script_name(\"CentOS: Security Advisory for python-virtualenv (CESA-2020:0851)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2020:0851\");\n script_xref(name:\"URL\", value:\"https://lists.centos.org/pipermail/centos-announce/2020-March/035680.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-virtualenv'\n package(s) announced via the CESA-2020:0851 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The virtualenv tool creates isolated Python environments. The virtualenv\ntool is a successor to workingenv, and an extension of virtual-python.\n\nSecurity Fix(es):\n\n * python-urllib3: Cross-host redirect does not remove Authorization header\nallow for credential exposure (CVE-2018-20060)\n\n * python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence\nleading to possible attack on internal service (CVE-2019-11236)\n\n * python-requests: Redirect from HTTPS to HTTP does not remove\nAuthorization header (CVE-2018-18074)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'python-virtualenv' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-virtualenv\", rpm:\"python-virtualenv~15.1.0~4.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-29T19:29:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-26T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for python3.4 (DLA-1835-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947", "CVE-2018-14647"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891835", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891835", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891835\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-14647\", \"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-26 02:00:25 +0000 (Wed, 26 Jun 2019)\");\n script_name(\"Debian LTS: Security Advisory for python3.4 (DLA-1835-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1835-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/921039\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/924072\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3.4'\n package(s) announced via the DLA-1835-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were discovered in Python, an interactive\nhigh-level object-oriented language, including\n\nCVE-2018-14647\n\nPython's elementtree C accelerator failed to initialise Expat's hash\nsalt during initialization. This could make it easy to conduct\ndenial of service attacks against Expat by constructing an XML\ndocument that would cause pathological hash collisions in Expat's\ninternal data structures, consuming large amounts CPU and RAM.\n\nCVE-2019-9636\n\nImproper Handling of Unicode Encoding (with an incorrect netloc)\nduring NFKC normalization resulting in information disclosure\n(credentials, cookies, etc. that are cached against a given\nhostname). A specially crafted URL could be incorrectly parsed to\nlocate cookies or authentication data and send that information to\na different host than when parsed correctly.\n\nCVE-2019-9740\n\nAn issue was discovered in urllib where CRLF injection is possible\nif the attacker controls a url parameter, as demonstrated by the\nfirst argument to urllib.request.urlopen with \\r\\n (specifically in\nthe query string after a ? character) followed by an HTTP header or\na Redis command.\n\nCVE-2019-9947\n\nAn issue was discovered in urllib where CRLF injection is possible\nif the attacker controls a url parameter, as demonstrated by the\nfirst argument to urllib.request.urlopen with \\r\\n (specifically in\nthe path component of a URL that lacks a ? character) followed by an\nHTTP header or a Redis command. This is similar to the CVE-2019-9740\nquery string issue.\");\n\n script_tag(name:\"affected\", value:\"'python3.4' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.4.2-1+deb8u3.\n\nWe recommend that you upgrade your python3.4 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"idle-python3.4\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4-dbg\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4-dev\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4-minimal\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4-stdlib\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpython3.4-testsuite\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-dbg\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-dev\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-doc\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-examples\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-minimal\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3.4-venv\", ver:\"3.4.2-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-07T14:13:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2019-ec26883852", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-5010"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310876424", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876424", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876424\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\", \"CVE-2019-9636\", \"CVE-2019-5010\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-28 02:12:06 +0000 (Tue, 28 May 2019)\");\n script_name(\"Fedora Update for python3 FEDORA-2019-ec26883852\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-ec26883852\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3'\n package(s) announced via the FEDORA-2019-ec26883852 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python is an accessible, high-level, dynamically typed, interpreted programming\nlanguage, designed with an emphasis on code readability.\nIt includes an extensive standard library, and has a vast ecosystem of\nthird-party libraries.\n\nThe python3 package provides the 'python3' executable: the reference\ninterpreter for the Python language, version 3.\nThe majority of its standard library is provided in the python3-libs package,\nwhich should be installed automatically along with python3.\nThe remaining parts of the Python standard library are broken out into the\npython3-tkinter and python3-test packages, which may need to be installed\nseparately.\n\nDocumentation for Python is provided in the python3-docs package.\n\nPackages containing additional libraries for Python are generally named with\nthe 'python3-' prefix.\");\n\n script_tag(name:\"affected\", value:\"'python3' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.7.3~3.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-08T21:54:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-26T00:00:00", "type": "openvas", "title": "CentOS: Security Advisory for python3-pip (CESA-2020:0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11324", "CVE-2019-11236", "CVE-2018-18074"], "modified": "2020-06-05T00:00:00", "id": "OPENVAS:1361412562310883207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883207", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883207\");\n script_version(\"2020-06-05T06:49:56+0000\");\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-05 06:49:56 +0000 (Fri, 05 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-26 04:01:07 +0000 (Thu, 26 Mar 2020)\");\n script_name(\"CentOS: Security Advisory for python3-pip (CESA-2020:0850)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2020:0850\");\n script_xref(name:\"URL\", value:\"https://lists.centos.org/pipermail/centos-announce/2020-March/035663.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3-pip'\n package(s) announced via the CESA-2020:0850 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"TODO: add package description\n\nSecurity Fix(es):\n\n * python-urllib3: Cross-host redirect does not remove Authorization header\nallow for credential exposure (CVE-2018-20060)\n\n * python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence\nleading to possible attack on internal service (CVE-2019-11236)\n\n * python-urllib3: Certification mishandle when error should be thrown\n(CVE-2019-11324)\n\n * python-requests: Redirect from HTTPS to HTTP does not remove\nAuthorization header (CVE-2018-18074)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'python3-pip' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-pip\", rpm:\"python3-pip~9.0.3~7.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pip\", rpm:\"python-pip~9.0.3~7.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-07-19T21:44:18", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-07-13T00:00:00", "type": "openvas", "title": "Fedora Update for python36 FEDORA-2019-7df59302e0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2018-14647", "CVE-2019-5010", "CVE-2019-10160"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310876576", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876576", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876576\");\n script_version(\"2019-07-17T08:19:47+0000\");\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-10160\", \"CVE-2019-5010\", \"CVE-2018-14647\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:19:47 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-13 02:14:38 +0000 (Sat, 13 Jul 2019)\");\n script_name(\"Fedora Update for python36 FEDORA-2019-7df59302e0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7df59302e0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'python36' package(s) announced via the FEDORA-2019-7df59302e0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.6 package for developers.\n\nThis package exists to allow developers to test their code against an older\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.6, see other distributions\nthat support it, such as CentOS or RHEL with Software Collections\nor older Fedora releases.\");\n\n script_tag(name:\"affected\", value:\"'python36' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python36\", rpm:\"python36~3.6.9~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-14T14:48:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for python35 FEDORA-2019-57462fa10d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16935", "CVE-2019-18348", "CVE-2019-9636", "CVE-2019-16056", "CVE-2019-9740", "CVE-2019-10160"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877282", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877282\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-10160\", \"CVE-2019-16935\", \"CVE-2019-18348\", \"CVE-2019-16056\", \"CVE-2019-9636\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:35:52 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for python35 FEDORA-2019-57462fa10d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-57462fa10d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python35'\n package(s) announced via the FEDORA-2019-57462fa10d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.5 package for developers.\n\nThis package exists to allow developers to test their code against an older\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.5, see other distributions\nthat support it, such as CentOS or RHEL with Software Collections\nor older Fedora releases.\");\n\n script_tag(name:\"affected\", value:\"'python35' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python35\", rpm:\"python35~3.5.8~2.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:36:41", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-2442)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16935", "CVE-2019-17514", "CVE-2019-16056", "CVE-2018-20852", "CVE-2019-9740", "CVE-2019-11340"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192442", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192442", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2442\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2018-20852\", \"CVE-2019-16056\", \"CVE-2019-16935\", \"CVE-2019-17514\", \"CVE-2019-9740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:57:53 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-2442)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2442\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2442\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python' package(s) announced via the EulerOS-SA-2019-2442 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated 'finds all the pathnames matching a specified pattern according to the rules used by the Unix shell, ' one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly.(CVE-2019-17514)\n\nThe documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.(CVE-2019-16935)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\nAn issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340, however, this CVE applies to Python more generally.(CVE-2019-16056)\n\nhttp.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-cont ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'python' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.5~58.h20\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.7.5~58.h20\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.7.5~58.h20\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.5~58.h20\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-23T14:56:49", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1275)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16935", "CVE-2019-17514", "CVE-2019-16056", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-11340"], "modified": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201275", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201275", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1275\");\n script_version(\"2020-03-19T13:43:26+0000\");\n script_cve_id(\"CVE-2019-16056\", \"CVE-2019-16935\", \"CVE-2019-17514\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:26 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:26 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1275)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1275\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1275\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python' package(s) announced via the EulerOS-SA-2020-1275 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340, however, this CVE applies to Python more generally.(CVE-2019-16056)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.(CVE-2019-9947)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\nThe documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.(CVE-2019-16935)\n\nlibrary/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated 'finds all the pathnames matching a specified pattern according to the rules used by the Unix shell' one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly.(CVE-2019-17514)\");\n\n script_tag(name:\"affected\", value:\"'python' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.5~69.h23\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.7.5~69.h23\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.7.5~69.h23\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.7.5~69.h23\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.5~69.h23\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-11-13T19:28:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-10T00:00:00", "type": "openvas", "title": "Fedora Update for python35 FEDORA-2019-b06ec6159b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16935", "CVE-2019-18348", "CVE-2019-9636", "CVE-2019-16056", "CVE-2019-9740", "CVE-2019-10160"], "modified": "2019-11-12T00:00:00", "id": "OPENVAS:1361412562310876974", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876974", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876974\");\n script_version(\"2019-11-12T09:30:57+0000\");\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-10160\", \"CVE-2019-16935\", \"CVE-2019-18348\", \"CVE-2019-16056\", \"CVE-2019-9636\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 09:30:57 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-10 03:24:17 +0000 (Sun, 10 Nov 2019)\");\n script_name(\"Fedora Update for python35 FEDORA-2019-b06ec6159b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b06ec6159b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python35'\n package(s) announced via the FEDORA-2019-b06ec6159b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.5 package for developers.\n\nThis package exists to allow developers to test their code against an older\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.5, see other distributions\nthat support it, such as CentOS or RHEL with Software Collections\nor older Fedora releases.\");\n\n script_tag(name:\"affected\", value:\"'python35' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python35\", rpm:\"python35~3.5.8~2.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2022-05-19T15:20:28", "description": "According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-9740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-urllib3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1643.NASL", "href": "https://www.tenable.com/plugins/nessus/137485", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137485);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\",\n \"CVE-2019-9740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-urllib3 package installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in urllib2 in Python 2.x\n through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a\n url parameter, as demonstrated by the first argument to\n urllib.request.urlopen with \\r\\n (specifically in the\n query string after a ? character) followed by an HTTP\n header or a Redis command.(CVE-2019-9740)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1643\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?70781783\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-urllib3-1.15.1-2.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:17:57", "description": "According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\n - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.(CVE-2018-20060)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2019-2239)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-9740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-urllib3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2239.NASL", "href": "https://www.tenable.com/plugins/nessus/130701", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130701);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-9740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2019-2239)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-urllib3 package installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\n - An issue was discovered in urllib2 in Python 2.x\n through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a\n url parameter, as demonstrated by the first argument to\n urllib.request.urlopen with \\r\\n (specifically in the\n query string after a ? character) followed by an HTTP\n header or a Redis command.(CVE-2019-9740)\n\n - urllib3 before version 1.23 does not remove the\n Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port,\n or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts\n or transmitted in cleartext.(CVE-2018-20060)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2239\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?056cfb07\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-urllib3-1.10.2-2.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T17:04:12", "description": "This update for python-urllib3 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificat verification (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : python-urllib3 (openSUSE-2019-2133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324", "CVE-2019-9740"], "modified": "2019-12-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python2-urllib3", "p-cpe:/a:novell:opensuse:python2-urllib3-test", "p-cpe:/a:novell:opensuse:python3-urllib3", "p-cpe:/a:novell:opensuse:python3-urllib3-test", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2133.NASL", "href": "https://www.tenable.com/plugins/nessus/128865", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2133.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128865);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2019-9740\");\n\n script_name(english:\"openSUSE Security Update : python-urllib3 (openSUSE-2019-2133)\");\n script_summary(english:\"Check for the openSUSE-2019-2133 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for python-urllib3 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificat verification\n (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request\n parameter (bsc#1132663).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132900\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-urllib3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-urllib3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"python2-urllib3-1.24-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"python2-urllib3-test-1.24-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"python3-urllib3-1.24-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"python3-urllib3-test-1.24-lp151.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2-urllib3 / python3-urllib3 / python2-urllib3-test / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-19T13:28:55", "description": "This update for python-urllib3 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificat verification (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663).\n\n - CVE-2018-20060: Remove Authorization header when redirecting cross-host (bsc#1119376).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : python-urllib3 (openSUSE-2019-2131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-9740"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python2-urllib3", "p-cpe:/a:novell:opensuse:python3-urllib3", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2131.NASL", "href": "https://www.tenable.com/plugins/nessus/128864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2131.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128864);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2019-9740\");\n\n script_name(english:\"openSUSE Security Update : python-urllib3 (openSUSE-2019-2131)\");\n script_summary(english:\"Check for the openSUSE-2019-2131 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for python-urllib3 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).\n\n - CVE-2019-11324: Fixed invalid CA certificat verification\n (bsc#1132900).\n\n - CVE-2019-11236: Fixed CRLF injection via request\n parameter (bsc#1132663).\n\n - CVE-2018-20060: Remove Authorization header when\n redirecting cross-host (bsc#1119376).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132900\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python2-urllib3-1.22-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-urllib3-1.22-lp150.5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2-urllib3 / python3-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T16:08:57", "description": "According to the version of the python2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-1657)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-unversioned-command", "p-cpe:/a:huawei:euleros:python2", "p-cpe:/a:huawei:euleros:python2-devel", "p-cpe:/a:huawei:euleros:python2-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1657.NASL", "href": "https://www.tenable.com/plugins/nessus/126284", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126284);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-1657)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An issue was discovered in urllib2 in Python 2.x\n through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a\n url parameter, as demonstrated by the first argument to\n urllib.request.urlopen with \\r\\n (specifically in the\n query string after a ? character) followed by an HTTP\n header or a Redis command.(CVE-2019-9740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1657\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c422b38f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-unversioned-command\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-unversioned-command-2.7.15-10.h5.eulerosv2r8\",\n \"python2-2.7.15-10.h5.eulerosv2r8\",\n \"python2-devel-2.7.15-10.h5.eulerosv2r8\",\n \"python2-libs-2.7.15-10.h5.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-20T14:59:44", "description": "An update of the python2 package has been released.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-25T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Python2 PHSA-2019-1.0-0237", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:python2", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0237_PYTHON2.NASL", "href": "https://www.tenable.com/plugins/nessus/126200", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0237. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126200);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-9740\");\n script_bugtraq_id(106358);\n\n script_name(english:\"Photon OS 1.0: Python2 PHSA-2019-1.0-0237\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the python2 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-237.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9740\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-2.7.15-7.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-debuginfo-2.7.15-7.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-devel-2.7.15-7.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-libs-2.7.15-7.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-tools-2.7.15-7.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-04-12T16:03:00", "description": "The version of Ansible Tower running on the remote web server is 3.3.x prior to 3.3.6, 3.4.x prior to 3.4.4, or 3.5.x prior to 3.5.1. It is, therefore, affected by a CRLF injection vulnerability in the urllib2 library of python 2.x through 2.7.16 & python 3.x through 3.7.3.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-08-05T00:00:00", "type": "nessus", "title": "Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ansible:tower"], "id": "ANSIBLE_TOWER_3_5_1.NASL", "href": "https://www.tenable.com/plugins/nessus/127127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127127);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-9740\");\n script_bugtraq_id(107466);\n\n script_name(english:\"Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An IT monitoring application running on the remote host is affected by\na Unauthorized Access vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Ansible Tower running on the remote web server is 3.3.x\nprior to 3.3.6, 3.4.x prior to 3.4.4, or 3.5.x prior to 3.5.1. It is, \ntherefore, affected by a CRLF injection vulnerability in the urllib2 library\nof python 2.x through 2.7.16 & python 3.x through 3.7.3.\");\n # https://docs.ansible.com/ansible-tower/3.5.1/html/release-notes/relnotes.html#ansible-tower-version-3-5-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b98ff3bb\");\n # https://docs.ansible.com/ansible-tower/3.4.4/html/release-notes/relnotes.html#ansible-tower-version-3-4-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a90b57b1\");\n # https://docs.ansible.com/ansible-tower/3.3.6/html/release-notes/relnotes.html#ansible-tower-version-3-3-6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e42f9a1e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Ansible Tower version 3.3.6, 3.4.4, 3.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9740\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ansible:tower\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ansible_tower_installed.nbin\", \"ansible_tower_detect.nbin\");\n script_require_ports(\"installed_sw/Ansible Tower\", \"installed_sw/Ansible Tower WebUI\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nif(!isnull(get_kb_item(\"installed_sw/Ansible Tower\")))\n app = vcf::get_app_info(app:\"Ansible Tower\");\nelse\n{\n port = get_http_port(default:443);\n app = vcf::get_app_info(app:\"Ansible Tower WebUI\", webapp:TRUE, port:port);\n}\n\nconstraints = \n[\n {\"min_version\" : \"3.0.0\", \"fixed_version\" : \"3.3.6\"},\n {\"min_version\" : \"3.4.0\", \"fixed_version\" : \"3.4.4\"},\n {\"min_version\" : \"3.5.0\", \"fixed_version\" : \"3.5.1\"}\n];\n\nvcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_WARNING, strict:FALSE);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T16:54:49", "description": "In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-07-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python-urllib3 (ALAS-2019-1236)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python27-urllib3", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1236.NASL", "href": "https://www.tenable.com/plugins/nessus/127064", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1236.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127064);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-11236\");\n script_xref(name:\"ALAS\", value:\"2019-1236\");\n\n script_name(english:\"Amazon Linux AMI : python-urllib3 (ALAS-2019-1236)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In the urllib3 library for Python, CRLF injection is possible if the\nattacker controls the request parameter. (CVE-2019-11236)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1236.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python-urllib3' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python27-urllib3-1.24.3-1.8.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python27-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:16:12", "description": "According to the version of the python-urllib3 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-04-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : python-urllib3 (EulerOS-SA-2020-1340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python2-urllib3", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1340.NASL", "href": "https://www.tenable.com/plugins/nessus/135127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135127);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : python-urllib3 (EulerOS-SA-2020-1340)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python-urllib3 package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1340\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9dfcec52\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python2-urllib3-1.23-4.h4.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T16:51:05", "description": "A vulnerability was discovered in python-urllib3, an HTTP library with thread-safe connection pooling, whereby an attacker can inject CRLF characters in the request parameter.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 1.9.1-3+deb8u1.\n\nWe recommend that you upgrade your python-urllib3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-21T00:00:00", "type": "nessus", "title": "Debian DLA-1828-1 : python-urllib3 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-urllib3", "p-cpe:/a:debian:debian_linux:python-urllib3-whl", "p-cpe:/a:debian:debian_linux:python3-urllib3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1828.NASL", "href": "https://www.tenable.com/plugins/nessus/126077", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1828-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126077);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-11236\");\n\n script_name(english:\"Debian DLA-1828-1 : python-urllib3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in python-urllib3, an HTTP library with\nthread-safe connection pooling, whereby an attacker can inject CRLF\ncharacters in the request parameter.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n1.9.1-3+deb8u1.\n\nWe recommend that you upgrade your python-urllib3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/python-urllib3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-urllib3-whl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"python-urllib3\", reference:\"1.9.1-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-urllib3-whl\", reference:\"1.9.1-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-urllib3\", reference:\"1.9.1-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:14:06", "description": "According to the version of the python-urllib3 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : python-urllib3 (EulerOS-SA-2020-1213)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-urllib3", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1213.NASL", "href": "https://www.tenable.com/plugins/nessus/134502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134502);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : python-urllib3 (EulerOS-SA-2020-1213)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python-urllib3 package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1213\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d54c3f61\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-urllib3-1.10.2-2.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T16:50:28", "description": "Update to v1.24.3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-13T00:00:00", "type": "nessus", "title": "Fedora 29 : python-urllib3 (2019-fbda9f1e49)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-01-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-urllib3", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-FBDA9F1E49.NASL", "href": "https://www.tenable.com/plugins/nessus/125870", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-fbda9f1e49.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125870);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-11236\");\n script_xref(name:\"FEDORA\", value:\"2019-fbda9f1e49\");\n\n script_name(english:\"Fedora 29 : python-urllib3 (2019-fbda9f1e49)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v1.24.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-fbda9f1e49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"python-urllib3-1.24.3-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T16:51:04", "description": "Update to v1.24.3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-13T00:00:00", "type": "nessus", "title": "Fedora 30 : python-urllib3 (2019-20bc611b61)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2020-01-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-urllib3", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-20BC611B61.NASL", "href": "https://www.tenable.com/plugins/nessus/125860", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-20bc611b61.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125860);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-11236\");\n script_xref(name:\"FEDORA\", value:\"2019-20bc611b61\");\n\n script_name(english:\"Fedora 30 : python-urllib3 (2019-20bc611b61)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v1.24.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-20bc611b61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"python-urllib3-1.24.3-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:11:22", "description": "According to the version of the python-urllib3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : python-urllib3 (EulerOS-SA-2020-1177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python2-urllib3", "p-cpe:/a:huawei:euleros:python3-urllib3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1177.NASL", "href": "https://www.tenable.com/plugins/nessus/134011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134011);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : python-urllib3 (EulerOS-SA-2020-1177)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python-urllib3 packages installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1177\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4bbb3bf4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python2-urllib3-1.23-4.h4.eulerosv2r8\",\n \"python3-urllib3-1.23-4.h4.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:12:38", "description": "According to the version of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : python-urllib3 (EulerOS-SA-2020-1277)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-urllib3", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1277.NASL", "href": "https://www.tenable.com/plugins/nessus/134743", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134743);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : python-urllib3 (EulerOS-SA-2020-1277)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python-urllib3 package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1277\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dce0617f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-urllib3-1.10.2-2.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-19T13:19:18", "description": "According to the version of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : python-urllib3 (EulerOS-SA-2019-2184)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-urllib3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2184.NASL", "href": "https://www.tenable.com/plugins/nessus/130646", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130646);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : python-urllib3 (EulerOS-SA-2019-2184)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the python-urllib3 package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2184\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82cecca9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-urllib3-1.10.2-2.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-02T16:05:06", "description": "An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing.\n\nSecurity Fix(es) :\n\n* numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution (CVE-2019-6446)\n\n* python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n* python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n* python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n* python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "RHEL 8 : python27:2.7 (RHSA-2019:3335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324", "CVE-2019-6446", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"], "modified": "2021-03-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:Cython-debugsource", "p-cpe:/a:redhat:enterprise_linux:PyYAML-debugsource", "p-cpe:/a:redhat:enterprise_linux:babel", "p-cpe:/a:redhat:enterprise_linux:numpy-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-coverage-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-lxml-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-nose-docs", "p-cpe:/a:redhat:enterprise_linux:python-psycopg2-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-psycopg2-doc", "p-cpe:/a:redhat:enterprise_linux:python-pymongo-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-sqlalchemy-doc", "p-cpe:/a:redhat:enterprise_linux:python2", "p-cpe:/a:redhat:enterprise_linux:python2-Cython", "p-cpe:/a:redhat:enterprise_linux:python2-PyMySQL", "p-cpe:/a:redhat:enterprise_linux:python2-attrs", "p-cpe:/a:redhat:enterprise_linux:python2-babel", "p-cpe:/a:redhat:enterprise_linux:python2-backports", "p-cpe:/a:redhat:enterprise_linux:python2-backports-ssl_match_hostname", "p-cpe:/a:redhat:enterprise_linux:python2-bson", "p-cpe:/a:redhat:enterprise_linux:python2-chardet", "p-cpe:/a:redhat:enterprise_linux:python2-coverage", "p-cpe:/a:redhat:enterprise_linux:python2-debug", "p-cpe:/a:redhat:enterprise_linux:python2-debugsource", "p-cpe:/a:redhat:enterprise_linux:python2-devel", "p-cpe:/a:redhat:enterprise_linux:python2-dns", "p-cpe:/a:redhat:enterprise_linux:python2-docs", "p-cpe:/a:redhat:enterprise_linux:python2-docs-info", "p-cpe:/a:redhat:enterprise_linux:python2-docutils", "p-cpe:/a:redhat:enterprise_linux:python2-funcsigs", "p-cpe:/a:redhat:enterprise_linux:python2-idna", "p-cpe:/a:redhat:enterprise_linux:python2-ipaddress", "p-cpe:/a:redhat:enterprise_linux:python2-jinja2", "p-cpe:/a:redhat:enterprise_linux:python2-libs", "p-cpe:/a:redhat:enterprise_linux:python2-lxml", "p-cpe:/a:redhat:enterprise_linux:python2-markupsafe", "p-cpe:/a:redhat:enterprise_linux:python2-mock", "p-cpe:/a:redhat:enterprise_linux:python2-nose", "p-cpe:/a:redhat:enterprise_linux:python2-numpy", "p-cpe:/a:redhat:enterprise_linux:python2-numpy-doc", "p-cpe:/a:redhat:enterprise_linux:python2-numpy-f2py", "p-cpe:/a:redhat:enterprise_linux:python2-pip", "p-cpe:/a:redhat:enterprise_linux:python2-pip-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-pluggy", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-debug", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-tests", "p-cpe:/a:redhat:enterprise_linux:python2-py", "p-cpe:/a:redhat:enterprise_linux:python2-pygments", "p-cpe:/a:redhat:enterprise_linux:python2-pymongo", "p-cpe:/a:redhat:enterprise_linux:python2-pymongo-gridfs", "p-cpe:/a:redhat:enterprise_linux:python2-pysocks", "p-cpe:/a:redhat:enterprise_linux:python2-pytest", "p-cpe:/a:redhat:enterprise_linux:python2-pytest-mock", "p-cpe:/a:redhat:enterprise_linux:python2-pytz", "p-cpe:/a:redhat:enterprise_linux:python2-pyyaml", "p-cpe:/a:redhat:enterprise_linux:python2-requests", "p-cpe:/a:redhat:enterprise_linux:python2-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:python2-scipy", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools_scm", "p-cpe:/a:redhat:enterprise_linux:python2-six", "p-cpe:/a:redhat:enterprise_linux:python2-sqlalchemy", "p-cpe:/a:redhat:enterprise_linux:python2-test", "p-cpe:/a:redhat:enterprise_linux:python2-tkinter", "p-cpe:/a:redhat:enterprise_linux:python2-tools", "p-cpe:/a:redhat:enterprise_linux:python2-urllib3", "p-cpe:/a:redhat:enterprise_linux:python2-virtualenv", "p-cpe:/a:redhat:enterprise_linux:python2-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-wheel-wheel", "p-cpe:/a:redhat:enterprise_linux:scipy-debugsource", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3335.NASL", "href": "https://www.tenable.com/plugins/nessus/130527", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3335. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130527);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2019-6446\", \"CVE-2019-9740\", \"CVE-2019-9947\", \"CVE-2019-9948\");\n script_xref(name:\"RHSA\", value:\"2019:3335\");\n\n script_name(english:\"RHEL 8 : python27:2.7 (RHSA-2019:3335)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the python27:2.7 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage that supports modules, classes, exceptions, high-level\ndynamic data types, and dynamic typing.\n\nSecurity Fix(es) :\n\n* numpy: crafted serialized object passed in numpy.load() in pickle\npython module allows arbitrary code execution (CVE-2019-6446)\n\n* python: CRLF injection via the query part of the url passed to\nurlopen() (CVE-2019-9740)\n\n* python: CRLF injection via the path part of the url passed to\nurlopen() (CVE-2019-9947)\n\n* python: Undocumented local_file protocol allows remote attackers to\nbypass protection mechanisms (CVE-2019-9948)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n'\nsequence leading to possible attack on internal service\n(CVE-2019-11236)\n\n* python-urllib3: Certification mishandle when error should be thrown\n(CVE-2019-11324)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6446\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:Cython-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:PyYAML-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:numpy-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-coverage-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-lxml-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-nose-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-psycopg2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pymongo-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-sqlalchemy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-backports\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-backports-ssl_match_hostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-coverage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docs-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-funcsigs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-nose\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytest-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools_scm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-sqlalchemy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-wheel-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:scipy-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/python27');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\nif ('2.7' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python27:' + module_ver);\n\nappstreams = {\n 'python27:2.7': [\n {'reference':'babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-nose-docs-1.3.7-30.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-sqlalchemy-doc-1.3.2-1.module+el8.1.0+2994+98e054d6', 'release':'8'},\n {'reference':'python2-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-11.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-debug-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-debug-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-debug-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-debugsource-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-debugsource-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-debugsource-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-devel-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-devel-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-devel-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-jinja2-2.10-8.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-libs-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-libs-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-libs-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-nose-1.3.7-30.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-doc-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'python2-pip-9.0.3-14.module+el8.1.0+3446+c3d52da3', 'release':'8'},\n {'reference':'python2-pip-wheel-9.0.3-14.module+el8.1.0+3446+c3d52da3', 'release':'8'},\n {'reference':'python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pygments-2.2.0-20.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-requests-2.20.0-2.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-setuptools-39.0.1-11.module+el8.1.0+3446+c3d52da3', 'release':'8'},\n {'reference':'python2-setuptools-wheel-39.0.1-11.module+el8.1.0+3446+c3d52da3', 'release':'8'},\n {'reference':'python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-six-1.11.0-5.module+el8.1.0+3111+de3f2d8e', 'release':'8'},\n {'reference':'python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-test-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-test-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-test-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-tkinter-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-tkinter-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-tkinter-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-tools-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python2-tools-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'s390x', 'release':'8'},\n {'reference':'python2-tools-2.7.16-12.module+el8.1.0+4148+33a50073', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python2-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10', 'release':'8'},\n {'reference':'python2-virtualenv-15.1.0-19.module+el8.1.0+3507+d69c168d', 'release':'8'},\n {'reference':'python2-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17', 'release':'8', 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17', 'release':'8', 'epoch':'1'},\n {'reference':'PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'s390x', 'release':'8'},\n {'reference':'PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e', 'cpu':'x86_64', 'release':'8'},\n {'reference':'scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'aarch64', 'release':'8'},\n {'reference':'scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'s390x', 'release':'8'},\n {'reference':'scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Cython-debugsource / PyYAML-debugsource / babel / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:24:28", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3335 advisory.\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\n - numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution (CVE-2019-6446)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : python27:2.7 (CESA-2019:3335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324", "CVE-2019-6446", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:babel", "p-cpe:/a:centos:centos:python-nose-docs", "p-cpe:/a:centos:centos:python-psycopg2-doc", "p-cpe:/a:centos:centos:python-sqlalchemy-doc", "p-cpe:/a:centos:centos:python2", "p-cpe:/a:centos:centos:python2-Cython", "p-cpe:/a:centos:centos:python2-PyMySQL", "p-cpe:/a:centos:centos:python2-attrs", "p-cpe:/a:centos:centos:python2-babel", "p-cpe:/a:centos:centos:python2-backports", "p-cpe:/a:centos:centos:python2-backports-ssl_match_hostname", "p-cpe:/a:centos:centos:python2-bson", "p-cpe:/a:centos:centos:python2-chardet", "p-cpe:/a:centos:centos:python2-coverage", "p-cpe:/a:centos:centos:python2-debug", "p-cpe:/a:centos:centos:python2-devel", "p-cpe:/a:centos:centos:python2-dns", "p-cpe:/a:centos:centos:python2-docs", "p-cpe:/a:centos:centos:python2-docs-info", "p-cpe:/a:centos:centos:python2-docutils", "p-cpe:/a:centos:centos:python2-funcsigs", "p-cpe:/a:centos:centos:python2-idna", "p-cpe:/a:centos:centos:python2-ipaddress", "p-cpe:/a:centos:centos:python2-jinja2", "p-cpe:/a:centos:centos:python2-libs", "p-cpe:/a:centos:centos:python2-lxml", "p-cpe:/a:centos:centos:python2-markupsafe", "p-cpe:/a:centos:centos:python2-mock", "p-cpe:/a:centos:centos:python2-nose", "p-cpe:/a:centos:centos:python2-numpy", "p-cpe:/a:centos:centos:python2-numpy-doc", "p-cpe:/a:centos:centos:python2-numpy-f2py", "p-cpe:/a:centos:centos:python2-pip", "p-cpe:/a:centos:centos:python2-pip-wheel", "p-cpe:/a:centos:centos:python2-pluggy", "p-cpe:/a:centos:centos:python2-psycopg2", "p-cpe:/a:centos:centos:python2-psycopg2-debug", "p-cpe:/a:centos:centos:python2-psycopg2-tests", "p-cpe:/a:centos:centos:python2-py", "p-cpe:/a:centos:centos:python2-pygments", "p-cpe:/a:centos:centos:python2-pymongo", "p-cpe:/a:centos:centos:python2-pymongo-gridfs", "p-cpe:/a:centos:centos:python2-pysocks", "p-cpe:/a:centos:centos:python2-pytest", "p-cpe:/a:centos:centos:python2-pytest-mock", "p-cpe:/a:centos:centos:python2-pytz", "p-cpe:/a:centos:centos:python2-pyyaml", "p-cpe:/a:centos:centos:python2-requests", "p-cpe:/a:centos:centos:python2-rpm-macros", "p-cpe:/a:centos:centos:python2-scipy", "p-cpe:/a:centos:centos:python2-setuptools", "p-cpe:/a:centos:centos:python2-setuptools-wheel", "p-cpe:/a:centos:centos:python2-setuptools_scm", "p-cpe:/a:centos:centos:python2-six", "p-cpe:/a:centos:centos:python2-sqlalchemy", "p-cpe:/a:centos:centos:python2-test", "p-cpe:/a:centos:centos:python2-tkinter", "p-cpe:/a:centos:centos:python2-tools", "p-cpe:/a:centos:centos:python2-urllib3", "p-cpe:/a:centos:centos:python2-virtualenv", "p-cpe:/a:centos:centos:python2-wheel", "p-cpe:/a:centos:centos:python2-wheel-wheel"], "id": "CENTOS8_RHSA-2019-3335.NASL", "href": "https://www.tenable.com/plugins/nessus/145618", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3335. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145618);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\n \"CVE-2019-6446\",\n \"CVE-2019-9740\",\n \"CVE-2019-9947\",\n \"CVE-2019-9948\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_bugtraq_id(\n 106670,\n 107466,\n 107549,\n 107555,\n 108815\n );\n script_xref(name:\"RHSA\", value:\"2019:3335\");\n\n script_name(english:\"CentOS 8 : python27:2.7 (CESA-2019:3335)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:3335 advisory.\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on\n internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\n - numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code\n execution (CVE-2019-6446)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms\n (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3335\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6446\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-nose-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-sqlalchemy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-backports\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-backports-ssl_match_hostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-coverage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docs-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-funcsigs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-nose\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytest-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools_scm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-sqlalchemy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-wheel-wheel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/python27');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\nif ('2.7' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python27:' + module_ver);\n\nappstreams = {\n 'python27:2.7': [\n {'reference':'babel-2.5.1-9.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'babel-2.5.1-9.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-30.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-30.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-1.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-1.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-9.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-9.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-15.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-15.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.6.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.6.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-3.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-3.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-30.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-30.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-doc-1.14.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-doc-1.14.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-f2py-1.14.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-f2py-1.14.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-9.0.3-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-9.0.3-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-20.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-20.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.6.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.6.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.6.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.6.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-20.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-20.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-11.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-11.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-1.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-1.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.16-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.16-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-1.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-1.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-19.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-19.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-wheel-0.31.1-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-0.31.1-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'babel / python-nose-docs / python-psycopg2-doc / python-sqlalchemy-doc / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T14:59:45", "description": "An update of the python2 package has been released.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-24T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Python2 PHSA-2019-1.0-0236", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:python2", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0236_PYTHON2.NASL", "href": "https://www.tenable.com/plugins/nessus/126123", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0236. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126123);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n script_bugtraq_id(107466, 107555);\n\n script_name(english:\"Photon OS 1.0: Python2 PHSA-2019-1.0-0236\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the python2 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-236.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9947\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-2.7.15-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-debuginfo-2.7.15-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-devel-2.7.15-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-libs-2.7.15-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python2-tools-2.7.15-6.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T16:14:26", "description": "An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. (CVE-2019-9947 , CVE-2019-9740)", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : python3 (ALAS-2019-1247)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3", "p-cpe:/a:amazon:linux:python3-debug", "p-cpe:/a:amazon:linux:python3-debuginfo", "p-cpe:/a:amazon:linux:python3-devel", "p-cpe:/a:amazon:linux:python3-libs", "p-cpe:/a:amazon:linux:python3-test", "p-cpe:/a:amazon:linux:python3-tkinter", "p-cpe:/a:amazon:linux:python3-tools", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1247.NASL", "href": "https://www.tenable.com/plugins/nessus/126959", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1247.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126959);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"ALAS\", value:\"2019-1247\");\n\n script_name(english:\"Amazon Linux 2 : python3 (ALAS-2019-1247)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in urllib2 in Python 2.x and urllib in Python\n3.x. CRLF injection is possible if the attacker controls a url\nparameter, as demonstrated by the first argument to\nurllib.request.urlopen with \\r\\n (specifically in the path component\nof a URL that lacks a ? character) followed by an HTTP header or a\nRedis command. This is similar to the CVE-2019-9740 query string\nissue. (CVE-2019-9947 , CVE-2019-9740)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1247.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python3' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"python3-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-debug-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-debuginfo-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-devel-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-libs-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-test-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-tkinter-3.7.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-tools-3.7.3-1.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3 / python3-debug / python3-debuginfo / python3-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-10T20:38:28", "description": "According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.(CVE-2019-9740)\n\n - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.(CVE-2019-9947)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-1658)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python3", "p-cpe:/a:huawei:euleros:python3-libs", "p-cpe:/a:huawei:euleros:python3-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1658.NASL", "href": "https://www.tenable.com/plugins/nessus/126285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126285);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9740\",\n \"CVE-2019-9947\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-1658)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python3 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was discovered in urllib2 in Python 2.x\n through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a\n url parameter, as demonstrated by the first argument to\n urllib.request.urlopen with \\r\\n (specifically in the\n query string after a ? character) followed by an HTTP\n header or a Redis command.(CVE-2019-9740)\n\n - An issue was discovered in urllib2 in Python 2.x\n through 2.7.16 and urllib in Python 3.x through 3.7.3.\n CRLF injection is possible if the attacker controls a\n url parameter, as demonstrated by the first argument to\n urllib.request.urlopen with \\r\\n (specifically in the\n path component of a URL that lacks a ? character)\n followed by an HTTP header or a Redis command. This is\n similar to the CVE-2019-9740 query string\n issue.(CVE-2019-9947)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1658\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?92f3879a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python3-3.7.0-9.h5.eulerosv2r8\",\n \"python3-libs-3.7.0-9.h5.eulerosv2r8\",\n \"python3-test-3.7.0-9.h5.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T16:13:49", "description": "An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.\n(CVE-2019-9740 , CVE-2019-9947)", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-07-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python34 (ALAS-2019-1242)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python34", "p-cpe:/a:amazon:linux:python34-debuginfo", "p-cpe:/a:amazon:linux:python34-devel", "p-cpe:/a:amazon:linux:python34-libs", "p-cpe:/a:amazon:linux:python34-test", "p-cpe:/a:amazon:linux:python34-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1242.NASL", "href": "https://www.tenable.com/plugins/nessus/127070", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1242.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127070);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"ALAS\", value:\"2019-1242\");\n\n script_name(english:\"Amazon Linux AMI : python34 (ALAS-2019-1242)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in urllib2 in Python 2.x and urllib in Python\n3.x. CRLF injection is possible if the attacker controls a url\nparameter, as demonstrated by the first argument to\nurllib.request.urlopen with \\r\\n (specifically in the query string\nafter a ? character) followed by an HTTP header or a Redis command.\n(CVE-2019-9740 , CVE-2019-9947)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1242.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python34' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python34-3.4.10-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-debuginfo-3.4.10-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-devel-3.4.10-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-libs-3.4.10-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-test-3.4.10-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-tools-3.4.10-1.45.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python34 / python34-debuginfo / python34-devel / python34-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-10T20:37:54", "description": "The update issued as DLA-1835-1 caused a regression in the http.client library in Python 3.4 which was broken by the patch intended to fix CVE-2019-9740 and CVE-2019-9947.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 3.4.2-1+deb8u4.\n\nWe recommend that you upgrade your python3.4 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-25T00:00:00", "type": "nessus", "title": "Debian DLA-1835-2 : python3.4 regression update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:idle-python3.4", "p-cpe:/a:debian:debian_linux:libpython3.4", "p-cpe:/a:debian:debian_linux:libpython3.4-dbg", "p-cpe:/a:debian:debian_linux:libpython3.4-dev", "p-cpe:/a:debian:debian_linux:libpython3.4-minimal", "p-cpe:/a:debian:debian_linux:libpython3.4-stdlib", "p-cpe:/a:debian:debian_linux:libpython3.4-testsuite", "p-cpe:/a:debian:debian_linux:python3.4", "p-cpe:/a:debian:debian_linux:python3.4-dbg", "p-cpe:/a:debian:debian_linux:python3.4-dev", "p-cpe:/a:debian:debian_linux:python3.4-doc", "p-cpe:/a:debian:debian_linux:python3.4-examples", "p-cpe:/a:debian:debian_linux:python3.4-minimal", "p-cpe:/a:debian:debian_linux:python3.4-venv", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1835.NASL", "href": "https://www.tenable.com/plugins/nessus/126223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1835-2. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126223);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n\n script_name(english:\"Debian DLA-1835-2 : python3.4 regression update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The update issued as DLA-1835-1 caused a regression in the http.client\nlibrary in Python 3.4 which was broken by the patch intended to fix\nCVE-2019-9740 and CVE-2019-9947.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n3.4.2-1+deb8u4.\n\nWe recommend that you upgrade your python3.4 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/python3.4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:idle-python3.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.4-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.4-venv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"idle-python3.4\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4-dbg\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4-dev\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4-minimal\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4-stdlib\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpython3.4-testsuite\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-dbg\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-dev\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-doc\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-examples\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-minimal\", reference:\"3.4.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3.4-venv\", reference:\"3.4.2-1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-20T15:01:09", "description": "An update of the python3 package has been released.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-06-25T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Python3 PHSA-2019-1.0-0237", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9947"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:python3", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0237_PYTHON3.NASL", "href": "https://www.tenable.com/plugins/nessus/126201", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0237. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126201);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9947\");\n script_bugtraq_id(106358);\n\n script_name(english:\"Photon OS 1.0: Python3 PHSA-2019-1.0-0237\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the python3 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-237.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9947\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python3-3.5.6-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python3-debuginfo-3.5.6-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python3-devel-3.5.6-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python3-libs-3.5.6-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"python3-tools-3.5.6-6.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-02T15:37:58", "description": "Python changelog :\n\nbpo-37463: ssl.match_hostname() no longer accepts IPv4 addresses with additional text after the address and only quad-dotted notation without trailing whitespaces. Some inet_aton() implementations ignore whitespace and all data after whitespace, e.g.'127.0.0.1 whatever'.\n\nbpo-35907: CVE-2019-9948: Avoid file reading by disallowing local-file:// and local_file:// URL schemes in URLopener().open() and URLopener().retrieve() of urllib.request.\n\nbpo-36742: Fixes mishandling of pre-normalization characters in urlsplit().\n\nbpo-30458: Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an http.client.InvalidURL exception to be raised.\n\nbpo-33529: Prevent fold function used in email header encoding from entering infinite loop when there are too many non-ASCII characters in a header.\n\nbpo-35755: shutil.which() now uses os.confstr('CS_PATH') if available and if the PATH environment variable is not set. Remove also the current directory from posixpath.defpath. On Unix, shutil.which() and the subprocess module no longer search the executable in the current directory if the PATH environment variable is not set.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-07-15T00:00:00", "type": "nessus", "title": "FreeBSD : python 3.7 -- multiple vulnerabilities (a449c604-a43a-11e9-b422-fcaa147e860e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9948"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:python37", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_A449C604A43A11E9B422FCAA147E860E.NASL", "href": "https://www.tenable.com/plugins/nessus/126667", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126667);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9948\");\n\n script_name(english:\"FreeBSD : python 3.7 -- multiple vulnerabilities (a449c604-a43a-11e9-b422-fcaa147e860e)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python changelog :\n\nbpo-37463: ssl.match_hostname() no longer accepts IPv4 addresses with\nadditional text after the address and only quad-dotted notation\nwithout trailing whitespaces. Some inet_aton() implementations ignore\nwhitespace and all data after whitespace, e.g.'127.0.0.1 whatever'.\n\nbpo-35907: CVE-2019-9948: Avoid file reading by disallowing\nlocal-file:// and local_file:// URL schemes in URLopener().open() and\nURLopener().retrieve() of urllib.request.\n\nbpo-36742: Fixes mishandling of pre-normalization characters in\nurlsplit().\n\nbpo-30458: Address CVE-2019-9740 by disallowing URL paths with\nembedded whitespace or control characters through into the underlying\nhttp client request. Such potentially malicious header injection URLs\nnow cause an http.client.InvalidURL exception to be raised.\n\nbpo-33529: Prevent fold function used in email header encoding from\nentering infinite loop when there are too many non-ASCII characters in\na header.\n\nbpo-35755: shutil.which() now uses os.confstr('CS_PATH') if available\nand if the PATH environment variable is not set. Remove also the\ncurrent directory from posixpath.defpath. On Unix, shutil.which() and\nthe subprocess module no longer search the executable in the current\ndirectory if the PATH environment variable is not set.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-4-final\"\n );\n # https://vuxml.freebsd.org/freebsd/a449c604-a43a-11e9-b422-fcaa147e860e.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7be70c19\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python37<3.7.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-02T15:38:38", "description": "Python changelog :\n\nbpo-35907: CVE-2019-9948: Avoid file reading by disallowing local-file:// and local_file:// URL schemes in URLopener().open() and URLopener().retrieve() of urllib.request.\n\nbpo-36742: Fixes mishandling of pre-normalization characters in urlsplit().\n\nbpo-30458: Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an http.client.InvalidURL exception to be raised.\n\nbpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed.\n\nbpo-33529: Prevent fold function used in email header encoding from entering infinite loop when there are too many non-ASCII characters in a header.\n\nbpo-35121: Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "FreeBSD : python 3.6 -- multiple vulnerabilities (18ed9650-a1d6-11e9-9b17-fcaa147e860e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9740", "CVE-2019-9948"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:python36", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18ED9650A1D611E99B17FCAA147E860E.NASL", "href": "https://www.tenable.com/plugins/nessus/126534", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126534);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9740\", \"CVE-2019-9948\");\n\n script_name(english:\"FreeBSD : python 3.6 -- multiple vulnerabilities (18ed9650-a1d6-11e9-9b17-fcaa147e860e)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python changelog :\n\nbpo-35907: CVE-2019-9948: Avoid file reading by disallowing\nlocal-file:// and local_file:// URL schemes in URLopener().open() and\nURLopener().retrieve() of urllib.request.\n\nbpo-36742: Fixes mishandling of pre-normalization characters in\nurlsplit().\n\nbpo-30458: Address CVE-2019-9740 by disallowing URL paths with\nembedded whitespace or control characters through into the underlying\nhttp client request. Such potentially malicious header injection URLs\nnow cause an http.client.InvalidURL exception to be raised.\n\nbpo-36216: Changes urlsplit() to raise ValueError when the URL\ncontains characters that decompose under IDNA encoding\n(NFKC-normalization) into characters that affect how the URL is\nparsed.\n\nbpo-33529: Prevent fold function used in email header encoding from\nentering infinite loop when there are too many non-ASCII characters in\na header.\n\nbpo-35121: Don't send cookies of domain A without Domain attribute to\ndomain B when domain A is a suffix match of domain B while using a\ncookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by\nKarthikeyan Singaravelan.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-final\"\n );\n # https://vuxml.freebsd.org/freebsd/18ed9650-a1d6-11e9-9b17-fcaa147e860e.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a784875\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python36<3.6.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:20:34", "description": "Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python-urllib3 on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python-urllib3", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_PYTHON_URLLIB3_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128256", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128256);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\");\n\n script_name(english:\"Scientific Linux Security Update : python-urllib3 on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove\n Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the\n '\\r\\n' sequence leading to possible attack on internal\n service (CVE-2019-11236)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=13066\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1b4985a0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"python-urllib3-1.10.2-7.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-urllib3-1.10.2-7.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T15:07:54", "description": "Upgrade bundled urllib3 to 1.25.3, requests to 2.22.0. Security fix for CVE-2019-11324, CVE-2019-11236.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "Fedora 31 : python-pip (2020-6148c44137)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-01-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-pip", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-6148C44137.NASL", "href": "https://www.tenable.com/plugins/nessus/132738", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-6148c44137.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132738);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"FEDORA\", value:\"2020-6148c44137\");\n\n script_name(english:\"Fedora 31 : python-pip (2020-6148c44137)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade bundled urllib3 to 1.25.3, requests to 2.22.0. Security fix\nfor CVE-2019-11324, CVE-2019-11236.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-6148c44137\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-pip package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"python-pip-19.1.1-7.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:11:20", "description": "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. (CVE-2019-11324)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-02-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python-pip (ALAS-2020-1340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26-pip", "p-cpe:/a:amazon:linux:python27-pip", "p-cpe:/a:amazon:linux:python34-pip", "p-cpe:/a:amazon:linux:python35-pip", "p-cpe:/a:amazon:linux:python36-pip", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1340.NASL", "href": "https://www.tenable.com/plugins/nessus/133559", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1340.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133559);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"ALAS\", value:\"2020-1340\");\n\n script_name(english:\"Amazon Linux AMI : python-pip (ALAS-2020-1340)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In the urllib3 library through 1.24.1 for Python, CRLF injection is\npossible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases\nwhere the desired set of CA certificates is different from the OS\nstore of CA certificates, which results in SSL connections succeeding\nin situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir\nargument. (CVE-2019-11324)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2020-1340.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python-pip' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python26-pip-9.0.3-1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-pip-9.0.3-1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python34-pip-9.0.3-1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-pip-9.0.3-1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-pip-9.0.3-1.27.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26-pip / python27-pip / python34-pip / python35-pip / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:15:35", "description": "According to the versions of the python-pip package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\n - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-04-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : python-pip (EulerOS-SA-2020-1354)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip-wheel", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1354.NASL", "href": "https://www.tenable.com/plugins/nessus/135141", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135141);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : python-pip (EulerOS-SA-2020-1354)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\n - The urllib3 library before 1.24.2 for Python mishandles\n certain cases where the desired set of CA certificates\n is different from the OS store of CA certificates,\n which results in SSL connections succeeding in\n situations where a verification failure is the correct\n outcome. This is related to use of the ssl_context,\n ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1354\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?17b08cb0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-pip-wheel-18.0-4.h7.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:09:44", "description": "According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : python-pip (EulerOS-SA-2020-1176)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip", "p-cpe:/a:huawei:euleros:python-pip-wheel", "p-cpe:/a:huawei:euleros:python2-pip", "p-cpe:/a:huawei:euleros:python3-pip", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1176.NASL", "href": "https://www.tenable.com/plugins/nessus/134010", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134010);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : python-pip (EulerOS-SA-2020-1176)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The urllib3 library before 1.24.2 for Python mishandles\n certain cases where the desired set of CA certificates\n is different from the OS store of CA certificates,\n which results in SSL connections succeeding in\n situations where a verification failure is the correct\n outcome. This is related to use of the ssl_context,\n ca_certs, or ca_certs_dir argument.(CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter.(CVE-2019-11236)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1176\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e74fce27\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-pip-18.0-4.h7.eulerosv2r8\",\n \"python-pip-wheel-18.0-4.h7.eulerosv2r8\",\n \"python2-pip-18.0-4.h7.eulerosv2r8\",\n \"python3-pip-18.0-4.h7.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T14:34:46", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3590 advisory.\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : python-urllib3 (CESA-2019:3590)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:python3-urllib3"], "id": "CENTOS8_RHSA-2019-3590.NASL", "href": "https://www.tenable.com/plugins/nessus/145580", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3590. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145580);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_bugtraq_id(108815);\n script_xref(name:\"RHSA\", value:\"2019:3590\");\n\n script_name(english:\"CentOS 8 : python-urllib3 (CESA-2019:3590)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2019:3590 advisory.\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on\n internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3590\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-urllib3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-urllib3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'python3-urllib3-1.24.2-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-urllib3');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-19T15:10:54", "description": "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. (CVE-2019-11324)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-02-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : python-pip (ALAS-2020-1389)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python2-pip", "p-cpe:/a:amazon:linux:python3-pip", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1389.NASL", "href": "https://www.tenable.com/plugins/nessus/133553", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1389.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133553);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"ALAS\", value:\"2020-1389\");\n\n script_name(english:\"Amazon Linux 2 : python-pip (ALAS-2020-1389)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In the urllib3 library through 1.24.1 for Python, CRLF injection is\npossible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases\nwhere the desired set of CA certificates is different from the OS\nstore of CA certificates, which results in SSL connections succeeding\nin situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir\nargument. (CVE-2019-11324)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1389.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python-pip' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"python2-pip-9.0.3-1.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"python3-pip-9.0.3-1.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2-pip / python3-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-09T00:17:51", "description": "An update for python-urllib3 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : python-urllib3 (CESA-2019:2272)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:python-urllib3", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2272.NASL", "href": "https://www.tenable.com/plugins/nessus/128379", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2272 and \n# CentOS Errata and Security Advisory 2019:2272 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128379);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\");\n script_xref(name:\"RHSA\", value:\"2019:2272\");\n\n script_name(english:\"CentOS 7 : python-urllib3 (CESA-2019:2272)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python-urllib3 is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with\nconnection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: Cross-host redirect does not remove Authorization\nheader allow for credential exposure (CVE-2018-20060)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n'\nsequence leading to possible attack on internal service\n(CVE-2019-11236)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006077.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12127a78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-urllib3-1.10.2-7.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T15:07:26", "description": "Upgrade bundled urllib3 to 1.25.3, requests to 2.22.0. Security fix for CVE-2019-11324, CVE-2019-11236.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-01-21T00:00:00", "type": "nessus", "title": "Fedora 30 : python-pip (2020-d0d9ad17d8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-pip", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-D0D9AD17D8.NASL", "href": "https://www.tenable.com/plugins/nessus/133119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-d0d9ad17d8.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133119);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"FEDORA\", value:\"2020-d0d9ad17d8\");\n\n script_name(english:\"Fedora 30 : python-pip (2020-d0d9ad17d8)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade bundled urllib3 to 1.25.3, requests to 2.22.0. Security fix\nfor CVE-2019-11324, CVE-2019-11236.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-d0d9ad17d8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-pip package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"python-pip-19.0.3-6.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:19:02", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-urllib3 packages installed that are affected by multiple vulnerabilities:\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-24T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : python-urllib3 Multiple Vulnerabilities (NS-SA-2019-0199)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0199_PYTHON-URLLIB3.NASL", "href": "https://www.tenable.com/plugins/nessus/130202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0199. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130202);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : python-urllib3 Multiple Vulnerabilities (NS-SA-2019-0199)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-urllib3 packages installed that are\naffected by multiple vulnerabilities:\n\n - urllib3 before version 1.23 does not remove the\n Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port,\n or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts\n or transmitted in cleartext. (CVE-2018-20060)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0199\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-urllib3 packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"python-urllib3-1.10.2-7.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"python-urllib3-1.10.2-7.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-09T00:11:06", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-urllib3 packages installed that are affected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : python-urllib3 Multiple Vulnerabilities (NS-SA-2019-0246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0246_PYTHON-URLLIB3.NASL", "href": "https://www.tenable.com/plugins/nessus/132512", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0246. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132512);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\");\n script_bugtraq_id(108793, 108815);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : python-urllib3 Multiple Vulnerabilities (NS-SA-2019-0246)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-urllib3 packages installed that are\naffected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the\n Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port,\n or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts\n or transmitted in cleartext. (CVE-2018-20060)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0246\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-urllib3 packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"python-urllib3-1.10.2-7.el7\"\n ],\n \"CGSL MAIN 5.05\": [\n \"python-urllib3-1.10.2-7.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:20:51", "description": "An update for python-urllib3 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : python-urllib3 (RHSA-2019:2272)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-urllib3", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2272.NASL", "href": "https://www.tenable.com/plugins/nessus/127701", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2272. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127701);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\");\n script_xref(name:\"RHSA\", value:\"2019:2272\");\n\n script_name(english:\"RHEL 7 : python-urllib3 (RHSA-2019:2272)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python-urllib3 is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with\nconnection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: Cross-host redirect does not remove Authorization\nheader allow for credential exposure (CVE-2018-20060)\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n'\nsequence leading to possible attack on internal service\n(CVE-2019-11236)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-20060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11236\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2272\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"python-urllib3-1.10.2-7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-19T13:17:37", "description": "An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n* python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "RHEL 8 : python-urllib3 (RHSA-2019:3590)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python3-urllib3", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3590.NASL", "href": "https://www.tenable.com/plugins/nessus/130556", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3590. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130556);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"RHSA\", value:\"2019:3590\");\n\n script_name(english:\"RHEL 8 : python-urllib3 (RHSA-2019:3590)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python-urllib3 is now available for Red Hat Enterprise\nLinux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe python-urllib3 package provides the Python HTTP module with\nconnection pooling and file POST abilities.\n\nSecurity Fix(es) :\n\n* python-urllib3: CRLF injection due to not encoding the '\\r\\n'\nsequence leading to possible attack on internal service\n(CVE-2019-11236)\n\n* python-urllib3: Certification mishandle when error should be thrown\n(CVE-2019-11324)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11324\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3-urllib3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3590\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", reference:\"python3-urllib3-1.24.2-2.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-urllib3\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:22:53", "description": "Security fix for CVE-2019-9740 and CVE-2019-9947. Fix a regression introduced by the fix for CVE-2019-9636. Add manual page link for python3.7m.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "Fedora 29 : python3 (2019-ec26883852)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-EC26883852.NASL", "href": "https://www.tenable.com/plugins/nessus/125434", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-ec26883852.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125434);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"FEDORA\", value:\"2019-ec26883852\");\n\n script_name(english:\"Fedora 29 : python3 (2019-ec26883852)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-9740 and CVE-2019-9947. Fix a regression\nintroduced by the fix for CVE-2019-9636. Add manual page link for\npython3.7m.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-ec26883852\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"python3-3.7.3-3.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:49:13", "description": "An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.\n(CVE-2019-9740 , CVE-2019-9947)\n\nPython 2.7.x and 3.x are affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are:\nurllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. (CVE-2019-9636)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python35 (ALAS-2019-1243)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python35", "p-cpe:/a:amazon:linux:python35-debuginfo", "p-cpe:/a:amazon:linux:python35-devel", "p-cpe:/a:amazon:linux:python35-libs", "p-cpe:/a:amazon:linux:python35-test", "p-cpe:/a:amazon:linux:python35-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1243.NASL", "href": "https://www.tenable.com/plugins/nessus/127071", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1243.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127071);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"ALAS\", value:\"2019-1243\");\n\n script_name(english:\"Amazon Linux AMI : python35 (ALAS-2019-1243)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in urllib2 in Python 2.x and urllib in Python\n3.x. CRLF injection is possible if the attacker controls a url\nparameter, as demonstrated by the first argument to\nurllib.request.urlopen with \\r\\n (specifically in the query string\nafter a ? character) followed by an HTTP header or a Redis command.\n(CVE-2019-9740 , CVE-2019-9947)\n\nPython 2.7.x and 3.x are affected by: Improper Handling of Unicode\nEncoding (with an incorrect netloc) during NFKC normalization. The\nimpact is: Information disclosure (credentials, cookies, etc. that are\ncached against a given hostname). The components are:\nurllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A\nspecially crafted URL could be incorrectly parsed to locate cookies or\nauthentication data and send that information to a different host than\nwhen parsed correctly. (CVE-2019-9636)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1243.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python35' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python35-3.5.7-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-debuginfo-3.5.7-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-devel-3.5.7-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-libs-3.5.7-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-test-3.5.7-1.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python35-tools-3.5.7-1.22.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python35 / python35-debuginfo / python35-devel / python35-libs / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:45:39", "description": "Python 2.7.x through 2.7.16 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization.\nThe impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are:\nurllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. (CVE-2019-9636).\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. (CVE-2019-9740)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 . CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. (CVE-2019-9947)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-01T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python27 (ALAS-2019-1230)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python27", "p-cpe:/a:amazon:linux:python27-debuginfo", "p-cpe:/a:amazon:linux:python27-devel", "p-cpe:/a:amazon:linux:python27-libs", "p-cpe:/a:amazon:linux:python27-test", "p-cpe:/a:amazon:linux:python27-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1230.NASL", "href": "https://www.tenable.com/plugins/nessus/126346", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1230.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126346);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"ALAS\", value:\"2019-1230\");\n\n script_name(english:\"Amazon Linux AMI : python27 (ALAS-2019-1230)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python 2.7.x through 2.7.16 is affected by: Improper Handling of\nUnicode Encoding (with an incorrect netloc) during NFKC normalization.\nThe impact is: Information disclosure (credentials, cookies, etc. that\nare cached against a given hostname). The components are:\nurllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A\nspecially crafted URL could be incorrectly parsed to locate cookies or\nauthentication data and send that information to a different host than\nwhen parsed correctly. (CVE-2019-9636).\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16. CRLF\ninjection is possible if the attacker controls a url parameter, as\ndemonstrated by the first argument to urllib.request.urlopen with \\r\\n\n(specifically in the query string after a ? character) followed by an\nHTTP header or a Redis command. (CVE-2019-9740)\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.16 . CRLF\ninjection is possible if the attacker controls a url parameter, as\ndemonstrated by the first argument to urllib.request.urlopen with \\r\\n\n(specifically in the path component of a URL that lacks a ? character)\nfollowed by an HTTP header or a Redis command. This is similar to the\nCVE-2019-9740 query string issue. (CVE-2019-9947)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1230.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python27' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python27-2.7.16-1.127.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-debuginfo-2.7.16-1.127.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-devel-2.7.16-1.127.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-libs-2.7.16-1.127.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-test-2.7.16-1.127.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-tools-2.7.16-1.127.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python27 / python27-debuginfo / python27-devel / python27-libs / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:48:11", "description": "Update Python 3.6 to [3.6.9](https://www.python.org/downloads/release/python-369/), the latest security release of the 3.6 branch. [Changelog for 3.6.9 final](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6- 9-final) and [3.6.9 release candidate 1](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-re lease-candidate-1). Includes security fixes for CVE-2019-9636, CVE-2019-9740, CVE-2019-10160.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-15T00:00:00", "type": "nessus", "title": "Fedora 30 : python36 (2019-7723d4774a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10160", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python36", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-7723D4774A.NASL", "href": "https://www.tenable.com/plugins/nessus/126658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-7723d4774a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126658);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-10160\", \"CVE-2019-9636\", \"CVE-2019-9740\");\n script_xref(name:\"FEDORA\", value:\"2019-7723d4774a\");\n\n script_name(english:\"Fedora 30 : python36 (2019-7723d4774a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update Python 3.6 to\n[3.6.9](https://www.python.org/downloads/release/python-369/), the\nlatest security release of the 3.6 branch. [Changelog for 3.6.9\nfinal](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-\n9-final) and [3.6.9 release candidate\n1](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-re\nlease-candidate-1). Includes security fixes for CVE-2019-9636,\nCVE-2019-9740, CVE-2019-10160.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-7723d4774a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-final\"\n );\n # https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-release-candidate-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f60517a0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.python.org/downloads/release/python-369/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python36 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"python36-3.6.9-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:45", "description": "Security fix for CVE-2019-9740 and CVE-2019-9947. Fix a regression introduced by the fix for CVE-2019-9636. Add manual page link for python3.7m.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-17T00:00:00", "type": "nessus", "title": "Fedora 30 : python3 (2019-1ffd6b6064)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-1FFD6B6064.NASL", "href": "https://www.tenable.com/plugins/nessus/125229", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-1ffd6b6064.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125229);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"FEDORA\", value:\"2019-1ffd6b6064\");\n\n script_name(english:\"Fedora 30 : python3 (2019-1ffd6b6064)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-9740 and CVE-2019-9947. Fix a regression\nintroduced by the fix for CVE-2019-9636. Add manual page link for\npython3.7m.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-1ffd6b6064\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"python3-3.7.3-3.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:49:36", "description": "Update Python 3.6 to [3.6.9](https://www.python.org/downloads/release/python-369/), the latest security release of the 3.6 branch. [Changelog for 3.6.9 final](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6- 9-final) and [3.6.9 release candidate 1](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-re lease-candidate-1). Includes security fixes for CVE-2019-9636, CVE-2019-9740, CVE-2019-10160.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-15T00:00:00", "type": "nessus", "title": "Fedora 29 : python36 (2019-7df59302e0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10160", "CVE-2019-9636", "CVE-2019-9740"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python36", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-7DF59302E0.NASL", "href": "https://www.tenable.com/plugins/nessus/126659", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-7df59302e0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126659);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-10160\", \"CVE-2019-9636\", \"CVE-2019-9740\");\n script_xref(name:\"FEDORA\", value:\"2019-7df59302e0\");\n\n script_name(english:\"Fedora 29 : python36 (2019-7df59302e0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update Python 3.6 to\n[3.6.9](https://www.python.org/downloads/release/python-369/), the\nlatest security release of the 3.6 branch. [Changelog for 3.6.9\nfinal](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-\n9-final) and [3.6.9 release candidate\n1](https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-re\nlease-candidate-1). Includes security fixes for CVE-2019-9636,\nCVE-2019-9740, CVE-2019-10160.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-7df59302e0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-final\"\n );\n # https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-release-candidate-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f60517a0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.python.org/downloads/release/python-369/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python36 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"python36-3.6.9-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:38", "description": "Python is affected by improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is:\nInformation disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. (CVE-2019-9636)\n\nAn issue was discovered in urllib2 in Python 3.6. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.(CVE-2019-9740)\n\nAn issue was discovered in urllib2 in Python 3.6. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.(CVE-2019-9947)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-31T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python36 (ALAS-2019-1204)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947"], "modified": "2020-01-13T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python36", "p-cpe:/a:amazon:linux:python36-debug", "p-cpe:/a:amazon:linux:python36-debuginfo", "p-cpe:/a:amazon:linux:python36-devel", "p-cpe:/a:amazon:linux:python36-libs", "p-cpe:/a:amazon:linux:python36-test", "p-cpe:/a:amazon:linux:python36-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1204.NASL", "href": "https://www.tenable.com/plugins/nessus/125604", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1204.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125604);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\"CVE-2019-9636\", \"CVE-2019-9740\", \"CVE-2019-9947\");\n script_xref(name:\"ALAS\", value:\"2019-1204\");\n\n script_name(english:\"Amazon Linux AMI : python36 (ALAS-2019-1204)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python is affected by improper Handling of Unicode Encoding (with an\nincorrect netloc) during NFKC normalization. The impact is:\nInformation disclosure (credentials, cookies, etc. that are cached\nagainst a given hostname). The components are: urllib.parse.urlsplit,\nurllib.parse.urlparse. The attack vector is: A specially crafted URL\ncould be incorrectly parsed to locate cookies or authentication data\nand send that information to a different host than when parsed\ncorrectly. (CVE-2019-9636)\n\nAn issue was discovered in urllib2 in Python 3.6. CRLF injection is\npossible if the attacker controls a url parameter, as demonstrated by\nthe first argument to urllib.request.urlopen with \\r\\n (specifically\nin the path component of a URL that lacks a ? character) followed by\nan HTTP header or a Redis command. This is similar to the\nCVE-2019-9740 query string issue.(CVE-2019-9740)\n\nAn issue was discovered in urllib2 in Python 3.6. CRLF injection is\npossible if the attacker controls a url parameter, as demonstrated by\nthe first argument to urllib.request.urlopen with \\r\\n (specifically\nin the path component of a URL that lacks a ? character) followed by\nan HTTP header or a Redis command. This is similar to the\nCVE-2019-9740 query string issue.(CVE-2019-9947)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1204.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python36' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python36-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-debug-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-debuginfo-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-devel-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-libs-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-test-3.6.8-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python36-tools-3.6.8-1.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36 / python36-debug / python36-debuginfo / python36-devel / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T15:58:57", "description": "New python packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15903", "CVE-2019-9740", "CVE-2019-9948"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:python", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-293-01.NASL", "href": "https://www.tenable.com/plugins/nessus/130079", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-293-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130079);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-15903\", \"CVE-2019-9740\", \"CVE-2019-9948\");\n script_xref(name:\"SSA\", value:\"2019-293-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New python packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.467193\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3776837b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"python\", pkgver:\"2.7.17\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-10-13T00:15:06", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "CentOS 7 : python-virtualenv (CESA-2020:0851)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:python-virtualenv", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-0851.NASL", "href": "https://www.tenable.com/plugins/nessus/134904", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0851 and \n# CentOS Errata and Security Advisory 2020:0851 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134904);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_xref(name:\"RHSA\", value:\"2020:0851\");\n\n script_name(english:\"CentOS 7 : python-virtualenv (CESA-2020:0851)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not\n remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove\n Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the\n '\\r\\n' sequence leading to possible attack on internal\n service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2020-March/035680.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea942c49\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python-virtualenv package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18074\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-virtualenv-15.1.0-4.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualenv\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-12T23:56:11", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-virtualenv packages installed that are affected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : python-virtualenv Multiple Vulnerabilities (NS-SA-2020-0118)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0118_PYTHON-VIRTUALENV.NASL", "href": "https://www.tenable.com/plugins/nessus/143977", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0118. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143977);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_bugtraq_id(108793, 108815);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : python-virtualenv Multiple Vulnerabilities (NS-SA-2020-0118)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-virtualenv packages installed that are\naffected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon\n receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover\n credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0118\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-virtualenv packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'python-virtualenv-15.1.0-4.el7_7'\n ],\n 'CGSL MAIN 5.05': [\n 'python-virtualenv-15.1.0-4.el7_7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-virtualenv');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-13T00:15:33", "description": "From Red Hat Security Advisory 2020:0851 :\n\nThe remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-19T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : python-virtualenv (ELSA-2020-0851)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:python-virtualenv", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-0851.NASL", "href": "https://www.tenable.com/plugins/nessus/134689", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0851 and \n# Oracle Linux Security Advisory ELSA-2020-0851 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134689);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_xref(name:\"RHSA\", value:\"2020:0851\");\n\n script_name(english:\"Oracle Linux 7 : python-virtualenv (ELSA-2020-0851)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2020:0851 :\n\nThe remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not\n remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove\n Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the\n '\\r\\n' sequence leading to possible attack on internal\n service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-March/009719.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python-virtualenv package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-virtualenv-15.1.0-4.el7_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualenv\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-19T12:40:26", "description": "Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-02T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python-virtualenv on SL7.x (noarch) (20200512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-12-28T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python-virtualenv", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200512_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/137039", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137039);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/28\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n\n script_name(english:\"Scientific Linux Security Update : python-virtualenv on SL7.x (noarch) (20200512)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove\n Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the\n '\\r\\n' sequence leading to possible attack on internal\n service (CVE-2019-11236)\n\n - python-requests: Redirect from HTTPS to HTTP does not\n remove Authorization header (CVE-2018-18074)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2006&L=SCIENTIFIC-LINUX-ERRATA&P=696\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?544b615e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python-virtualenv package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"python-virtualenv-15.1.0-4.el7_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualenv\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T17:10:22", "description": "NIST reports: (by search in the range 2018/01/01 - 2019/11/10) :\n\nurllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "FreeBSD : urllib3 -- multiple vulnerabilities (87270ba5-03d3-11ea-b81f-3085a9a95629)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:py27-urllib3", "p-cpe:/a:freebsd:freebsd:py35-urllib3", "p-cpe:/a:freebsd:freebsd:py36-urllib3", "p-cpe:/a:freebsd:freebsd:py37-urllib3", "p-cpe:/a:freebsd:freebsd:py38-urllib3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_87270BA503D311EAB81F3085A9A95629.NASL", "href": "https://www.tenable.com/plugins/nessus/131340", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131340);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\");\n\n script_name(english:\"FreeBSD : urllib3 -- multiple vulnerabilities (87270ba5-03d3-11ea-b81f-3085a9a95629)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"NIST reports: (by search in the range 2018/01/01 - 2019/11/10) :\n\nurllib3 before version 1.23 does not remove the Authorization HTTP\nheader when following a cross-origin redirect (i.e., a redirect that\ndiffers in host, port, or scheme). This can allow for credentials in\nthe Authorization header to be exposed to unintended hosts or\ntransmitted in cleartext.\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is\npossible if the attacker controls the request parameter.\n\nThe urllib3 library before 1.24.2 for Python mishandles certain cases\nwhere the desired set of CA certificates is different from the OS\nstore of CA certificates, which results in SSL connections succeeding\nin situations where a verification failure is the correct outcome.\nThis is related to use of the ssl_context, ca_certs, or ca_certs_dir\nargument.\"\n );\n # https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&query=urllib3&search_type=all&pub_start_date=01%2F01%2F2018&pub_end_date=11%2F10%2F2019\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2aec89f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229322\"\n );\n # https://vuxml.freebsd.org/freebsd/87270ba5-03d3-11ea-b81f-3085a9a95629.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99a4291d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:py27-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:py35-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:py36-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:py37-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:py38-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"py27-urllib3<1.24.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"py35-urllib3<1.24.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"py36-urllib3<1.24.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"py37-urllib3<1.24.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"py38-urllib3<1.24.3,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-13T00:15:06", "description": "Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-18T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python-virtualenv on SL7.x (noarch) (20200317)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-03-20T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python-virtualenv", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200317_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/134650", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134650);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/20\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n\n script_name(english:\"Scientific Linux Security Update : python-virtualenv on SL7.x (noarch) (20200317)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove\n Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the\n '\\r\\n' sequence leading to possible attack on internal\n service (CVE-2019-11236)\n\n - python-requests: Redirect from HTTPS to HTTP does not\n remove Authorization header (CVE-2018-18074)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2003&L=SCIENTIFIC-LINUX-ERRATA&P=9155\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?30e8ef49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-virtualenv package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"python-virtualenv-15.1.0-4.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualenv\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-14T00:19:59", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2081 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-12T00:00:00", "type": "nessus", "title": "RHEL 7 : python-virtualenv (RHSA-2020:2081)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:python-virtualenv"], "id": "REDHAT-RHSA-2020-2081.NASL", "href": "https://www.tenable.com/plugins/nessus/136517", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2081. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136517);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_bugtraq_id(108793, 108815);\n script_xref(name:\"RHSA\", value:\"2020:2081\");\n\n script_name(english:\"RHEL 7 : python-virtualenv (RHSA-2020:2081)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2081 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on\n internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/113.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/522.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-18074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20060\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2081\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1643829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1649153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1700824\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-virtualenv package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(113, 522);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-virtualenv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'python-virtualenv-15.1.0-4.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-virtualenv');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-13T00:00:49", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-virtualenv packages installed that are affected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-09-07T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : python-virtualenv Multiple Vulnerabilities (NS-SA-2020-0044)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0044_PYTHON-VIRTUALENV.NASL", "href": "https://www.tenable.com/plugins/nessus/140276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0044. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140276);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_bugtraq_id(108793, 108815);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : python-virtualenv Multiple Vulnerabilities (NS-SA-2020-0044)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-virtualenv packages installed that are\naffected by multiple vulnerabilities:\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon\n receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover\n credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0044\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-virtualenv packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'python-virtualenv-15.1.0-4.el7_7'\n ],\n 'CGSL MAIN 5.04': [\n 'python-virtualenv-15.1.0-4.el7_7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-virtualenv');\n}\n\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:57", "description": "It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20060)\n\nIt was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-11236)\n\nIt was discovered that urllib3 incorrectly handled situations where a desired set of CA certificates were specified. This could result in certificates being accepted by the default CA certificates contrary to expectatons. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-11324).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-05-22T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : urllib3 vulnerabilities (USN-3990-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-urllib3", "p-cpe:/a:canonical:ubuntu_linux:python3-urllib3", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-3990-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125338", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3990-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125338);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\");\n script_xref(name:\"USN\", value:\"3990-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : urllib3 vulnerabilities (USN-3990-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that urllib3 incorrectly removed Authorization HTTP\nheaders when handled cross-origin redirects. This could result in\ncredentials being sent to unintended hosts. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20060)\n\nIt was discovered that urllib3 incorrectly stripped certain characters\nfrom requests. A remote attacker could use this issue to perform CRLF\ninjection. (CVE-2019-11236)\n\nIt was discovered that urllib3 incorrectly handled situations where a\ndesired set of CA certificates were specified. This could result in\ncertificates being accepted by the default CA certificates contrary to\nexpectatons. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10,\nand Ubuntu 19.04. (CVE-2019-11324).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3990-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python-urllib3 and / or python3-urllib3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python-urllib3\", pkgver:\"1.13.1-2ubuntu0.16.04.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python3-urllib3\", pkgver:\"1.13.1-2ubuntu0.16.04.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python-urllib3\", pkgver:\"1.22-1ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python3-urllib3\", pkgver:\"1.22-1ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"python-urllib3\", pkgver:\"1.22-1ubuntu0.18.10.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"python3-urllib3\", pkgver:\"1.22-1ubuntu0.18.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"python-urllib3\", pkgver:\"1.24.1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"python3-urllib3\", pkgver:\"1.24.1-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-urllib3 / python3-urllib3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-14T00:24:05", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-18T00:00:00", "type": "nessus", "title": "RHEL 7 : python-virtualenv (RHSA-2020:0851)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_eus:7.7", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:python-virtualenv"], "id": "REDHAT-RHSA-2020-0851.NASL", "href": "https://www.tenable.com/plugins/nessus/134676", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0851. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134676);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_bugtraq_id(108793, 108815);\n script_xref(name:\"RHSA\", value:\"2020:0851\");\n\n script_name(english:\"RHEL 7 : python-virtualenv (RHSA-2020:0851)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0851 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure\n (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on\n internal service (CVE-2019-11236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/113.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/522.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-18074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20060\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1643829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1649153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1700824\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-virtualenv package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(113, 522);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-virtualenv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_aus_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms'\n ],\n 'rhel_eus_7_7_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_e4s_7_7': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_eus_7_7': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_e4s_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_tus_7_7_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_7__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'python-virtualenv-15.1.0-4.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-virtualenv');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T14:54:16", "description": "An update of the python package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Python PHSA-2021-3.0-0246", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11236", "CVE-2019-11324", "CVE-2020-26137"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:python", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2021-3_0-0246_PYTHON.NASL", "href": "https://www.tenable.com/plugins/nessus/150239", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-3.0-0246. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150239);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2020-26137\");\n\n script_name(english:\"Photon OS 3.0: Python PHSA-2021-3.0-0246\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the python package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-246.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-26137\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-11324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', reference:'python-urllib3-1.25.11-1.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python');\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-10-13T00:13:30", "description": "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nA credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials. (CVE-2018-18074)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : python-virtualenv (ALAS-2020-1413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236"], "modified": "2020-04-28T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python-virtualenv", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1413.NASL", "href": "https://www.tenable.com/plugins/nessus/135931", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1413.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135931);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/28\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\");\n script_xref(name:\"ALAS\", value:\"2020-1413\");\n\n script_name(english:\"Amazon Linux 2 : python-virtualenv (ALAS-2020-1413)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"urllib3 before version 1.23 does not remove the Authorization HTTP\nheader when following a cross-origin redirect (i.e., a redirect that\ndiffers in host, port, or scheme). This can allow for credentials in\nthe Authorization header to be exposed to unintended hosts or\ntransmitted in cleartext. (CVE-2018-20060)\n\nIn the urllib3 library through 1.24.1 for Python, CRLF injection is\npossible if the attacker controls the request parameter.\n(CVE-2019-11236)\n\nA credentials-exposure flaw was found in python-requests, where if a\nrequest with authentication is redirected (302) from an HTTPS endpoint\nto an HTTP endpoint on the same host, the Authorization header is not\nstripped and the credentials can be read in plain text. A\nman-in-the-middle attacker could exploit this flaw to obtain a user's\nvalid credentials. (CVE-2018-18074)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1413.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python-virtualenv' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"python-virtualenv-15.1.0-4.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualenv\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:01:49", "description": "An update for python3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es) :\n\n* python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010)\n\n* python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n* python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n* python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "RHEL 8 : python3 (RHSA-2019:3520)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5010", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:platform-python", "p-cpe:/a:redhat:enterprise_linux:platform-python-debug", "p-cpe:/a:redhat:enterprise_linux:platform-python-devel", "p-cpe:/a:redhat:enterprise_linux:python3-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python3-debugsource", "p-cpe:/a:redhat:enterprise_linux:python3-idle", "p-cpe:/a:redhat:enterprise_linux:python3-libs", "p-cpe:/a:redhat:enterprise_linux:python3-test", "p-cpe:/a:redhat:enterprise_linux:python3-tkinter", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3520.NASL", "href": "https://www.tenable.com/plugins/nessus/130548", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3520. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130548);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-5010\", \"CVE-2019-9740\", \"CVE-2019-9947\", \"CVE-2019-9948\");\n script_xref(name:\"RHSA\", value:\"2019:3520\");\n\n script_name(english:\"RHEL 8 : python3 (RHSA-2019:3520)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage, which includes modules, classes, exceptions, very high level\ndynamic data types and dynamic typing. Python supports interfaces to\nmany system calls and libraries, as well as to various windowing\nsystems.\n\nSecurity Fix(es) :\n\n* python: NULL pointer dereference using a specially crafted X509\ncertificate (CVE-2019-5010)\n\n* python: CRLF injection via the query part of the url passed to\nurlopen() (CVE-2019-9740)\n\n* python: CRLF injection via the path part of the url passed to\nurlopen() (CVE-2019-9947)\n\n* python: Undocumented local_file protocol allows remote attackers to\nbypass protection mechanisms (CVE-2019-9948)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3520\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9948\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3520\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"platform-python-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"platform-python-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"platform-python-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"platform-python-debug-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"platform-python-debug-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"platform-python-debug-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"platform-python-devel-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"platform-python-devel-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"platform-python-devel-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-debuginfo-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-debuginfo-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-debuginfo-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-debugsource-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-debugsource-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-debugsource-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-idle-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-idle-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-idle-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-libs-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-libs-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-libs-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-test-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-test-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-test-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"python3-tkinter-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-tkinter-3.6.8-15.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-tkinter-3.6.8-15.1.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"platform-python / platform-python-debug / platform-python-devel / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-02T16:21:14", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3520 advisory.\n\n - python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : python3 (CESA-2019:3520)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5010", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:platform-python", "p-cpe:/a:centos:centos:platform-python-debug", "p-cpe:/a:centos:centos:platform-python-devel", "p-cpe:/a:centos:centos:python3-idle", "p-cpe:/a:centos:centos:python3-libs", "p-cpe:/a:centos:centos:python3-test", "p-cpe:/a:centos:centos:python3-tkinter"], "id": "CENTOS8_RHSA-2019-3520.NASL", "href": "https://www.tenable.com/plugins/nessus/145658", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3520. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145658);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\n \"CVE-2019-5010\",\n \"CVE-2019-9740\",\n \"CVE-2019-9947\",\n \"CVE-2019-9948\"\n );\n script_bugtraq_id(\n 106636,\n 107466,\n 107549,\n 107555\n );\n script_xref(name:\"RHSA\", value:\"2019:3520\");\n\n script_name(english:\"CentOS 8 : python3 (CESA-2019:3520)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:3520 advisory.\n\n - python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms\n (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3520\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-tkinter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'platform-python-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-15.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-15.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'platform-python / platform-python-debug / platform-python-devel / etc');\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-02T18:52:39", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1462 advisory.\n\n - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-04-14T00:00:00", "type": "nessus", "title": "RHEL 7 : python (RHSA-2020:1462)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14647", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-debug", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:python-libs", "p-cpe:/a:redhat:enterprise_linux:python-test", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:tkinter"], "id": "REDHAT-RHSA-2020-1462.NASL", "href": "https://www.tenable.com/plugins/nessus/135459", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1462. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135459);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\n \"CVE-2018-14647\",\n \"CVE-2019-9740\",\n \"CVE-2019-9947\",\n \"CVE-2019-9948\"\n );\n script_bugtraq_id(\n 105396,\n 107466,\n 107549,\n 107555\n );\n script_xref(name:\"RHSA\", value:\"2020:1462\");\n\n script_name(english:\"RHEL 7 : python (RHSA-2020:1462)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1462 advisory.\n\n - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647)\n\n - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740)\n\n - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947)\n\n - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms\n (CVE-2019-9948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/113.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/335.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/665.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/749.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1631822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1688169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1695570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1695572\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(113, 335, 665, 749);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_6_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_eus_7_6_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-debug-rpms',\n 'rhel-7-for-system-z-eus-optional-debug-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-rpms',\n 'rhel-7-for-system-z-eus-optional-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-source-rpms',\n 'rhel-7-for-system-z-eus-optional-source-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-rpms',\n 'rhel-7-for-system-z-eus-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-source-rpms',\n 'rhel-7-for-system-z-eus-source-rpms__7_DOT_6__s390x',\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_6': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_eus_7_6': [\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_tus_7_6_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_6__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'python-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-debug-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-debug-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-devel-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-devel-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-libs-2.7.5-83.el7_6', 'sp':'6', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-libs-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-libs-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-libs-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-test-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-test-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-tools-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'python-tools-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'tkinter-2.7.5-83.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'tkinter-2.7.5-83.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python / python-debug / python-devel / python-libs / python-test / etc');\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-05-15T13:54:15", "description": "The remote NewStart CGSL host, running version MAIN 6.01, has python-pip packages installed that are affected by multiple vulnerabilities:\n\n - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome.\n This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. (CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-21T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.01 : python-pip Multiple Vulnerabilities (NS-SA-2020-0035)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0035_PYTHON-PIP.NASL", "href": "https://www.tenable.com/plugins/nessus/138769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0035. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138769);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2018-18074\",\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_bugtraq_id(108793, 108815);\n\n script_name(english:\"NewStart CGSL MAIN 6.01 : python-pip Multiple Vulnerabilities (NS-SA-2020-0035)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.01, has python-pip packages installed that are affected by\nmultiple vulnerabilities:\n\n - The urllib3 library before 1.24.2 for Python mishandles\n certain cases where the desired set of CA certificates\n is different from the OS store of CA certificates, which\n results in SSL connections succeeding in situations\n where a verification failure is the correct outcome.\n This is related to use of the ssl_context, ca_certs, or\n ca_certs_dir argument. (CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF\n injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the\n Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port,\n or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts\n or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an\n HTTP Authorization header to an http URI upon receiving\n a same-hostname https-to-http redirect, which makes it\n easier for remote attackers to discover credentials by\n sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0035\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-pip packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 6.01\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.01');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 6.01\": [\n \"platform-python-pip-9.0.3-16.el8\",\n \"python-pip-doc-9.0.3-16.el8\",\n \"python3-pip-9.0.3-16.el8\",\n \"python3-pip-wheel-9.0.3-16.el8\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-10T21:04:36", "description": "Several vulnerabilities were discovered in python-urllib3, a HTTP client for Python. \n\nCVE-2018-20060\n\nUrllib3 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.\n\nCVE-2019-11236\n\nCRLF injection is possible if the attacker controls the request parameter.\n\nCVE-2019-11324\n\nUrllib3 mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.\n\nCVE-2020-26137\n\nUrllib3 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest().\n\nFor Debian 9 stretch, these problems have been fixed in version 1.19.1-1+deb9u1.\n\nWe recommend that you upgrade your python-urllib3 packages.\n\nFor the detailed security status of python-urllib3 please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/python-urllib3\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-06-16T00:00:00", "type": "nessus", "title": "Debian DLA-2686-1 : python-urllib3 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324", "CVE-2020-26137"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-urllib3", "p-cpe:/a:debian:debian_linux:python3-urllib3", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2686.NASL", "href": "https://www.tenable.com/plugins/nessus/150806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2686-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150806);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\", \"CVE-2020-26137\");\n\n script_name(english:\"Debian DLA-2686-1 : python-urllib3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in python-urllib3, a HTTP\nclient for Python. \n\nCVE-2018-20060\n\nUrllib3 does not remove the Authorization HTTP header when following a\ncross-origin redirect (i.e., a redirect that differs in host, port, or\nscheme). This can allow for credentials in the Authorization header to\nbe exposed to unintended hosts or transmitted in cleartext.\n\nCVE-2019-11236\n\nCRLF injection is possible if the attacker controls the request\nparameter.\n\nCVE-2019-11324\n\nUrllib3 mishandles certain cases where the desired set of CA\ncertificates is different from the OS store of CA certificates, which\nresults in SSL connections succeeding in situations where a\nverification failure is the correct outcome. This is related to use of\nthe ssl_context, ca_certs, or ca_certs_dir argument.\n\nCVE-2020-26137\n\nUrllib3 allows CRLF injection if the attacker controls the HTTP\nrequest method, as demonstrated by inserting CR and LF control\ncharacters in the first argument of putrequest().\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.19.1-1+deb9u1.\n\nWe recommend that you upgrade your python-urllib3 packages.\n\nFor the detailed security status of python-urllib3 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/python-urllib3\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/python-urllib3\"\n );\n # https://security-tracker.debian.org/tracker/source-package/python-urllib3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb907009\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected python-urllib3, and python3-urllib3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-26137\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"python-urllib3\", reference:\"1.19.1-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3-urllib3\", reference:\"1.19.1-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-05-20T20:48:04", "description": "From Red Hat Security Advisory 2020:0850 :\n\nThe remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r ' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-19T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : python-pip (ELSA-2020-0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:python3-pip:*:*:*:*:*:*:*"], "id": "ORACLELINUX_ELSA-2020-0850.NASL", "href": "https://www.tenable.com/plugins/nessus/134688", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0850 and \n# Oracle Linux Security Advisory ELSA-2020-0850 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134688);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-18074\",\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0850\");\n\n script_name(english:\"Oracle Linux 7 : python-pip (ELSA-2020-0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2020:0850 :\n\nThe remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-March/009715.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python3-pip-9.0.3-7.el7_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-pip\");\n}\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-17T14:07:32", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r ' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "CentOS 7 : python-pip (CESA-2020:0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-13T00:00:00", "cpe": ["cpe:2.3:o:centos:centos:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:python3-pip:*:*:*:*:*:*:*"], "id": "CENTOS_RHSA-2020-0850.NASL", "href": "https://www.tenable.com/plugins/nessus/134903", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0850 and \n# CentOS Errata and Security Advisory 2020:0850 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134903);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2018-18074\",\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0850\");\n\n script_name(english:\"CentOS 7 : python-pip (CESA-2020:0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-March/035663.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b59a5b58\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python3-pip-9.0.3-7.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-pip\");\n}\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-15T14:36:53", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pip packages installed that are affected by multiple vulnerabilities:\n\n - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. (CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pip Multiple Vulnerabilities (NS-SA-2020-0112)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-11T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0112_PYTHON-PIP.NASL", "href": "https://www.tenable.com/plugins/nessus/143975", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0112. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143975);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2018-18074\",\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_bugtraq_id(108793, 108815);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pip Multiple Vulnerabilities (NS-SA-2020-0112)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pip packages installed that are\naffected by multiple vulnerabilities:\n\n - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA\n certificates is different from the OS store of CA certificates, which results in SSL connections\n succeeding in situations where a verification failure is the correct outcome. This is related to use of\n the ssl_context, ca_certs, or ca_certs_dir argument. (CVE-2019-11324)\n\n - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the\n request parameter. (CVE-2019-11236)\n\n - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin\n redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the\n Authorization header to be exposed to unintended hosts or transmitted in cleartext. (CVE-2018-20060)\n\n - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon\n receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover\n credentials by sniffing the network. (CVE-2018-18074)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0112\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python-pip packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'python3-pip-9.0.3-7.el7_7'\n ],\n 'CGSL MAIN 5.05': [\n 'python3-pip-9.0.3-7.el7_7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-pip');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-17T14:15:40", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2068 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r ' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-12T00:00:00", "type": "nessus", "title": "RHEL 7 : python-pip (RHSA-2020:2068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-13T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:python3-pip:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2068.NASL", "href": "https://www.tenable.com/plugins/nessus/136519", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2068. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2018-18074\",\n \"CVE-2018-20060\",\n \"CVE-2019-11236\",\n \"CVE-2019-11324\"\n );\n script_bugtraq_id(108793, 108815);\n script_xref(name:\"RHSA\", value:\"2020:2068\");\n\n script_name(english:\"RHEL 7 : python-pip (RHSA-2020:2068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2068 advisory.\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/113.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/295.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/522.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-18074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20060\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1643829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1649153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1700824\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1702473\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-pip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11324\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20060\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(113, 295, 522);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'python3-pip-9.0.3-7.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-pip');\n}\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-17T14:19:30", "description": "Security Fix(es) :\n\n - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060)\n\n - python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service (CVE-2019-11236)\n\n - python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324)\n\n - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-02T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18074", "CVE-2018-20060", "CVE-2019-11236", "CVE-2019-11324"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python3-pip", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200512_PYTHON_PIP_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/137038", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137038);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2018-18074\", \"CVE-2018-20060\", \"CVE-2019-11236\", \"CVE-2019-11324\");\n\n script_name(english:\"Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200512)\");\n script_summary(english:\"Checks rpm output for the updated package\");\

[SECURITY] Fedora 29 Update: python-urllib3-1.24.3-1.fc29

Description

Affected Package

Related