ID FEDORA:7E322309BE26 Type fedora Reporter Fedora Modified 2020-09-25T17:18:08
Description
.NET Core is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET Core contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything.
{"id": "FEDORA:7E322309BE26", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 33 Update: dotnet3.1-3.1.107-1.fc33", "description": ".NET Core is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET Core contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. ", "published": "2020-09-25T17:18:08", "modified": "2020-09-25T17:18:08", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2020-1597"], "lastseen": "2020-12-21T08:17:56", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-1597"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-3422"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2020-3422.NASL", "ORACLELINUX_ELSA-2020-3422.NASL", "SMB_NT_MS20_AUG_VISUAL_STUDIO.NASL", "REDHAT-RHSA-2020-3421.NASL", "SMB_NT_MS20_AUG_ASPDOTNET_CORE.NASL", "FEDORA_2020-CAD5D17C6D.NASL"]}, {"type": "mscve", "idList": ["MS:CVE-2020-1597"]}, {"type": "redhat", "idList": ["RHSA-2020:3421", "RHSA-2020:3422"]}, {"type": "kaspersky", "idList": ["KLA11934"]}, {"type": "avleonov", "idList": ["AVLEONOV:F17F36C3CC642EBDC27E43900FE3905E"]}], "modified": "2020-12-21T08:17:56", "rev": 2}, "score": {"value": 3.9, "vector": "NONE", "modified": "2020-12-21T08:17:56", "rev": 2}, "vulnersScore": 3.9}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "33", "arch": "any", "packageName": "dotnet3.1", "packageVersion": "3.1.107", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"cve": [{"lastseen": "2020-12-09T22:03:09", "description": "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.", "edition": 10, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-17T19:15:00", "title": "CVE-2020-1597", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1597"], "modified": "2020-09-25T20:15:00", "cpe": ["cpe:/a:microsoft:visual_studio_2019:16.6", "cpe:/a:microsoft:visual_studio_2017:15.8", "cpe:/a:microsoft:asp.net_core:2.1", "cpe:/a:microsoft:visual_studio_2019:16.3", "cpe:/a:microsoft:asp.net_core:3.1"], "id": "CVE-2020-1597", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1597", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_2019:16.6:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_2017:15.8:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_2019:16.3:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2020-09-14T18:19:23", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:3421 advisory.\n\n - dotnet: ASP.NET Core Resource Consumption Denial of\n Service (CVE-2020-1597)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {}, "published": "2020-08-11T00:00:00", "title": "RHEL 7 : .NET Core 3.1 security and bugfix update for Red Hat Enterprise Linux (Important) (RHSA-2020:3421)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-08-11T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-hostfxr-3.1", "cpe:/a:redhat:rhel_dotnet:3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-runtime-3.1", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-sdk-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-runtime-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-templates-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-apphost-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-netstandard-targeting-pack-2.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-targeting-pack-3.1", "cpe:/a:redhat:rhel_dotnet:3.1::el7"], "id": "REDHAT-RHSA-2020-3421.NASL", "href": "https://www.tenable.com/plugins/nessus/139511", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3421. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139511);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/11\");\n\n script_cve_id(\"CVE-2020-1597\");\n script_xref(name:\"RHSA\", value:\"2020:3421\");\n\n script_name(english:\"RHEL 7 : .NET Core 3.1 security and bugfix update for Red Hat Enterprise Linux (Important) (RHSA-2020:3421)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:3421 advisory.\n\n - dotnet: ASP.NET Core Resource Consumption Denial of\n Service (CVE-2020-1597)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-1597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861110\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_dotnet:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_dotnet:3.1::el7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-templates-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-netstandard-targeting-pack-2.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\npkgs = [\n {'reference':'rh-dotnet31-aspnetcore-runtime-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-3.1.107-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-apphost-pack-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-host-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-hostfxr-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-runtime-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-sdk-3.1-3.1.107-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-targeting-pack-3.1-3.1.7-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-dotnet-templates-3.1-3.1.107-1.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'rh-dotnet31-netstandard-targeting-pack-2.1-3.1.107-1.el7', 'cpu':'x86_64', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-dotnet31-aspnetcore-runtime-3.1 / rh-dotnet31-aspnetcore-targeting-pack-3.1 / rh-dotnet31-dotnet / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T17:31:25", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-3422 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's\nself-reported version number.", "edition": 3, "cvss3": {}, "published": "2020-08-17T00:00:00", "title": "Oracle Linux 8 : .NET / Core / 3.1 (ELSA-2020-3422)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-08-17T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:dotnet-targeting-pack-3.1", "p-cpe:/a:oracle:linux:dotnet-apphost-pack-3.1", "p-cpe:/a:oracle:linux:netstandard-targeting-pack-2.1", "p-cpe:/a:oracle:linux:dotnet-templates-3.1", "p-cpe:/a:oracle:linux:dotnet-host", "p-cpe:/a:oracle:linux:dotnet-sdk-3.1", "p-cpe:/a:oracle:linux:dotnet-hostfxr-3.1", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:dotnet", "p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-3.1", "p-cpe:/a:oracle:linux:dotnet-runtime-3.1", "p-cpe:/a:oracle:linux:aspnetcore-runtime-3.1"], "id": "ORACLELINUX_ELSA-2020-3422.NASL", "href": "https://www.tenable.com/plugins/nessus/139613", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-3422.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139613);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/17\");\n\n script_cve_id(\"CVE-2020-1597\");\n\n script_name(english:\"Oracle Linux 8 : .NET / Core / 3.1 (ELSA-2020-3422)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-3422 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's\nself-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://linux.oracle.com/errata/ELSA-2020-3422.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-templates-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netstandard-targeting-pack-2.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\npkgs = [\n {'reference':'aspnetcore-runtime-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-3.1.107-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-apphost-pack-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-host-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-hostfxr-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-runtime-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-sdk-3.1-3.1.107-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-targeting-pack-3.1-3.1.7-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-templates-3.1-3.1.107-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'},\n {'reference':'netstandard-targeting-pack-2.1-3.1.107-1.0.1.el8_2', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-3.1 / aspnetcore-targeting-pack-3.1 / dotnet / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-17T06:24:19", "description": "Update to .NET Core SDK 3.1.107 and Runtime 3.1.7.\n\nThis fixes CVE-2020-1597\n\n - Release Notes:\n https://github.com/dotnet/core/blob/master/release-notes\n /3.1/3.1.7/3.1.7.md\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-14T00:00:00", "title": "Fedora 32 : dotnet-build-reference-packages / dotnet3.1 (2020-cad5d17c6d)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-09-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:dotnet3.1", "p-cpe:/a:fedoraproject:fedora:dotnet-build-reference-packages"], "id": "FEDORA_2020-CAD5D17C6D.NASL", "href": "https://www.tenable.com/plugins/nessus/140555", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-cad5d17c6d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140555);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/16\");\n\n script_cve_id(\"CVE-2020-1597\");\n script_xref(name:\"FEDORA\", value:\"2020-cad5d17c6d\");\n\n script_name(english:\"Fedora 32 : dotnet-build-reference-packages / dotnet3.1 (2020-cad5d17c6d)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to .NET Core SDK 3.1.107 and Runtime 3.1.7.\n\nThis fixes CVE-2020-1597\n\n - Release Notes:\n https://github.com/dotnet/core/blob/master/release-notes\n /3.1/3.1.7/3.1.7.md\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-cad5d17c6d\"\n );\n # https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.7/3.1.7.md\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ef4d39f9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected dotnet-build-reference-packages and / or dotnet3.1\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet-build-reference-packages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"dotnet-build-reference-packages-0-5.20200608git1b1a695.fc32\")) flag++;\nif (rpm_check(release:\"FC32\", reference:\"dotnet3.1-3.1.107-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dotnet-build-reference-packages / dotnet3.1\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T05:30:54", "description": "The Microsoft ASP.NET Core installation on the remote host is version 2.1.x < 2.1.21, or 3.1.x < 3.1.7. It is,\ntherefore, affected by a denial of service (DoS) vulnerability when ASP.NET Core improperly handles web requests. An\nunauthenticated, remote attacker can exploit this issue, via sending a specially crafted requests to the ASP.NET Core\napplication to cause the application to stop responding.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-08-11T00:00:00", "title": "Security Update for Microsoft ASP.NET Core (DoS) (August 2020)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-08-11T00:00:00", "cpe": ["cpe:/a:microsoft:aspnet_core"], "id": "SMB_NT_MS20_AUG_ASPDOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/139496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139496);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/11\");\n\n script_cve_id(\"CVE-2020-1597\");\n script_xref(name:\"IAVA\", value:\"2020-A-0354-S\");\n\n script_name(english:\"Security Update for Microsoft ASP.NET Core (DoS) (August 2020)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft ASP.NET Core installations on the remote host contain vulnerable packages.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft ASP.NET Core installation on the remote host is version 2.1.x < 2.1.21, or 3.1.x < 3.1.7. It is,\ntherefore, affected by a denial of service (DoS) vulnerability when ASP.NET Core improperly handles web requests. An\nunauthenticated, remote attacker can exploit this issue, via sending a specially crafted requests to the ASP.NET Core\napplication to cause the application to stop responding.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/2.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/162\");\n # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e208efc4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update ASP.NET Core, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1597\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:aspnet_core\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_asp_dotnet_core_win.nbin\");\n script_require_keys(\"installed_sw/ASP .NET Core Windows\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'ASP .NET Core Windows';\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.1', 'fixed_version' : '3.1.7'},\n { 'min_version' : '2.1', 'fixed_version' : '2.1.21'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-19T05:33:42", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3422 advisory.\n\n - dotnet: ASP.NET Core Resource Consumption Denial of Service (CVE-2020-1597)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {}, "published": "2020-08-11T00:00:00", "title": "RHEL 8 : .NET Core 3.1 (RHSA-2020:3422)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-08-11T00:00:00", "cpe": ["cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-3.1", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:dotnet3.1-debugsource", "cpe:/o:redhat:rhel_eus:8.4", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-3.1", "cpe:/a:redhat:rhel_eus:8.4::appstream", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-3.1", "cpe:/o:redhat:rhel_e4s:8.2", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-3.1", "cpe:/a:redhat:rhel_tus:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-3.1", "cpe:/a:redhat:enterprise_linux:8::appstream", "p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet", "p-cpe:/a:redhat:enterprise_linux:dotnet-host", "cpe:/o:redhat:rhel_aus:8.2", "p-cpe:/a:redhat:enterprise_linux:netstandard-targeting-pack-2.1", "cpe:/a:redhat:rhel_aus:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:dotnet-templates-3.1", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/a:redhat:rhel_eus:8.2::appstream"], "id": "REDHAT-RHSA-2020-3422.NASL", "href": "https://www.tenable.com/plugins/nessus/139515", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3422. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139515);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-1597\");\n script_xref(name:\"RHSA\", value:\"2020:3422\");\n\n script_name(english:\"RHEL 8 : .NET Core 3.1 (RHSA-2020:3422)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3422 advisory.\n\n - dotnet: ASP.NET Core Resource Consumption Denial of Service (CVE-2020-1597)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-1597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861110\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1597\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_aus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_eus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_eus:8.4::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_tus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-templates-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet3.1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netstandard-targeting-pack-2.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:3422');\n}\n\npkgs = [\n {'reference':'aspnetcore-runtime-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-3.1.107-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-apphost-pack-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-host-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-hostfxr-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-runtime-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-sdk-3.1-3.1.107-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-targeting-pack-3.1-3.1.7-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet-templates-3.1-3.1.107-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'dotnet3.1-debugsource-3.1.107-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'netstandard-targeting-pack-2.1-3.1.107-1.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-3.1 / aspnetcore-targeting-pack-3.1 / dotnet / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T05:30:55", "description": "The Microsoft Visual Studio Products are missing security\nupdates. It is, therefore, affected by a denial-of-service\nvulnerability:\n\n - A denial of service vulnerability exists when ASP.NET\n Core improperly handles web requests. An attacker who\n successfully exploited this vulnerability could cause a\n denial of service against an ASP.NET Core web\n application. The vulnerability can be exploited\n remotely, without authentication. A remote\n unauthenticated attacker could exploit this\n vulnerability by issuing specially crafted requests to\n the ASP.NET Core application. The update addresses the\n vulnerability by correcting how the ASP.NET Core web\n application handles web requests. (CVE-2020-1597)", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-08-11T00:00:00", "title": "Security Updates for Microsoft Visual Studio Products (August 2020)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1597"], "modified": "2020-08-11T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio"], "id": "SMB_NT_MS20_AUG_VISUAL_STUDIO.NASL", "href": "https://www.tenable.com/plugins/nessus/139506", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139506);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/11\");\n\n script_cve_id(\"CVE-2020-1597\");\n script_xref(name:\"IAVA\", value:\"2020-A-0377-S\");\n\n script_name(english:\"Security Updates for Microsoft Visual Studio Products (August 2020)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visual Studio Products are affected by a denial-of-service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visual Studio Products are missing security\nupdates. It is, therefore, affected by a denial-of-service\nvulnerability:\n\n - A denial of service vulnerability exists when ASP.NET\n Core improperly handles web requests. An attacker who\n successfully exploited this vulnerability could cause a\n denial of service against an ASP.NET Core web\n application. The vulnerability can be exploited\n remotely, without authentication. A remote\n unauthenticated attacker could exploit this\n vulnerability by issuing specially crafted requests to\n the ASP.NET Core application. The update addresses the\n vulnerability by correcting how the ASP.NET Core web\n application handles web requests. (CVE-2020-1597)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released 15.9.26, 16.0.17, 16.4.12, and 16.7.1 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1597\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_visual_studio_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\", \"installed_sw/Microsoft Visual Studio\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('misc_func.inc');\ninclude('install_func.inc');\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\n\nget_kb_item_or_exit('installed_sw/Microsoft Visual Studio');\n\nport = get_kb_item(\"SMB/transport\");\nappname = 'Microsoft Visual Studio';\n\ninstalls = get_installs(app_name:appname, exit_if_not_found:TRUE);\n\nreport = '';\n\nforeach install (installs[1])\n{\n version = install['version'];\n path = install['path'];\n prod = install['Product'];\n\n fix = '';\n\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/history\n # VS 2017 (15.9)\n if (prod == '2017' && version =~ '^15\\\\.[1-9]\\\\.')\n {\n fix = '15.9.28307.1234';\n\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.0\n else if (prod == '2019' && version =~ '^16\\\\.0\\\\.')\n {\n fix = '16.0.28803.806';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.4\n else if (prod == '2019' && version =~ '^16\\\\.[1-4]\\\\.')\n {\n fix = '16.4.30406.169';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.7\n else if (prod == '2019' && version =~ '^16\\\\.[5-7]\\\\.')\n {\n fix = '16.7.30406.217';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n}\n\nif (empty(report))\n audit(AUDIT_INST_VER_NOT_VULN, appname);\n\nsecurity_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:10:45", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1597"], "description": "[3.1.107-1.0.1]\n- Update patch to support 8.2 (alexander.burmashev@oracle.com)\n- support OL release scheme (alexander.burmashev@oracle.com)\n[3.1.107-1]\n- Update to .NET Core Runtime 3.1.7 and SDK 3.1.107\n- Resolves: RHBZ#1862593\n- Resolves: RHBZ#1861113", "edition": 3, "modified": "2020-08-16T00:00:00", "published": "2020-08-16T00:00:00", "id": "ELSA-2020-3422", "href": "http://linux.oracle.com/errata/ELSA-2020-3422.html", "title": ".NET Core 3.1 security and bugfix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mscve": [{"lastseen": "2020-08-26T13:47:54", "bulletinFamily": "microsoft", "cvelist": ["CVE-2020-1597"], "description": "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.\n\nA remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.\n\nThe update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.\n", "edition": 3, "modified": "2020-08-12T07:00:00", "id": "MS:CVE-2020-1597", "href": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597", "published": "2020-08-12T07:00:00", "title": "ASP.NET Core Denial of Service Vulnerability", "type": "mscve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2020-08-26T10:09:07", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1597"], "description": ".NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7.\n\nSecurity Fixes:\n\n* .NET Core: ASP.NET Core Resource Consumption Denial of Service (CVE-2020-1597)\n\nDefault inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-08-12T00:24:57", "published": "2020-08-12T00:00:21", "id": "RHSA-2020:3422", "href": "https://access.redhat.com/errata/RHSA-2020:3422", "type": "redhat", "title": "(RHSA-2020:3422) Important: .NET Core 3.1 security and bugfix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-26T10:06:52", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1597"], "description": ".NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7.\n\nSecurity Fix(es):\n\n* .NET Core: ASP.NET Core Resource Consumption Denial of Service (CVE-2020-1597)\n\nDefault inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-08-12T00:23:08", "published": "2020-08-11T23:58:55", "id": "RHSA-2020:3421", "href": "https://access.redhat.com/errata/RHSA-2020:3421", "type": "redhat", "title": "(RHSA-2020:3421) Important: .NET Core 3.1 security and bugfix update for Red Hat Enterprise Linux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "kaspersky": [{"lastseen": "2020-09-02T11:49:55", "bulletinFamily": "info", "cvelist": ["CVE-2020-1476", "CVE-2020-1046", "CVE-2020-0604", "CVE-2020-1597"], "description": "### *Detect date*:\n08/11/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges.\n\n### *Affected products*:\nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 3.5 AND 4.7.1/4.7.2 \nMicrosoft .NET Framework 4.8 \nMicrosoft Visual Studio 2019 version 16.0 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) \nMicrosoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 \nMicrosoft .NET Framework 4.6 \nASP.NET Core 3.1 \nMicrosoft .NET Framework 2.0 Service Pack 2 \nVisual Studio Code \nASP.NET Core 2.1 \nMicrosoft .NET Framework 3.5 AND 4.8 \nMicrosoft .NET Framework 3.5 AND 4.7.2 \nMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6) \nMicrosoft .NET Framework 4.5.2 \nMicrosoft .NET Framework 3.5 \nMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-1597](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1597>) \n[CVE-2020-1046](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1046>) \n[CVE-2020-0604](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0604>) \n[CVE-2020-1476](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1476>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2020-1597](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1597>)0.0Unknown \n[CVE-2020-1046](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1046>)0.0Unknown \n[CVE-2020-0604](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0604>)0.0Unknown \n[CVE-2020-1476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1476>)0.0Unknown\n\n### *KB list*:\n[4571692](<http://support.microsoft.com/kb/4571692>) \n[4571694](<http://support.microsoft.com/kb/4571694>) \n[4571709](<http://support.microsoft.com/kb/4571709>) \n[4571741](<http://support.microsoft.com/kb/4571741>) \n[4569751](<http://support.microsoft.com/kb/4569751>) \n[4569748](<http://support.microsoft.com/kb/4569748>) \n[4569749](<http://support.microsoft.com/kb/4569749>) \n[4569746](<http://support.microsoft.com/kb/4569746>) \n[4569745](<http://support.microsoft.com/kb/4569745>) \n[4570506](<http://support.microsoft.com/kb/4570506>) \n[4570507](<http://support.microsoft.com/kb/4570507>) \n[4570502](<http://support.microsoft.com/kb/4570502>) \n[4570500](<http://support.microsoft.com/kb/4570500>) \n[4570501](<http://support.microsoft.com/kb/4570501>) \n[4570505](<http://support.microsoft.com/kb/4570505>) \n[4570509](<http://support.microsoft.com/kb/4570509>) \n[4570508](<http://support.microsoft.com/kb/4570508>) \n[4570503](<http://support.microsoft.com/kb/4570503>)", "edition": 1, "modified": "2020-08-18T00:00:00", "published": "2020-08-11T00:00:00", "id": "KLA11934", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11934", "title": "\r KLA11934Multiple vulnerabilities in Microsoft Developer Tools ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "avleonov": [{"lastseen": "2020-08-30T20:06:45", "bulletinFamily": "blog", "cvelist": ["CVE-2020-0604", "CVE-2020-1046", "CVE-2020-1182", "CVE-2020-1337", "CVE-2020-1339", "CVE-2020-1341", "CVE-2020-1377", "CVE-2020-1378", "CVE-2020-1379", "CVE-2020-1380", "CVE-2020-1383", "CVE-2020-1417", "CVE-2020-1455", "CVE-2020-1459", "CVE-2020-1464", "CVE-2020-1466", "CVE-2020-1467", "CVE-2020-1470", "CVE-2020-1472", "CVE-2020-1473", "CVE-2020-1474", "CVE-2020-1475", "CVE-2020-1476", "CVE-2020-1477", "CVE-2020-1478", "CVE-2020-1479", "CVE-2020-1480", "CVE-2020-1483", "CVE-2020-1484", "CVE-2020-1485", "CVE-2020-1486", "CVE-2020-1487", "CVE-2020-1488", "CVE-2020-1489", "CVE-2020-1490", "CVE-2020-1492", "CVE-2020-1493", "CVE-2020-1494", "CVE-2020-1495", "CVE-2020-1496", "CVE-2020-1497", "CVE-2020-1498", "CVE-2020-1499", "CVE-2020-1500", "CVE-2020-1501", "CVE-2020-1502", "CVE-2020-1503", "CVE-2020-1504", "CVE-2020-1505", "CVE-2020-1509", "CVE-2020-1510", "CVE-2020-1511", "CVE-2020-1512", "CVE-2020-1513", "CVE-2020-1515", "CVE-2020-1516", "CVE-2020-1517", "CVE-2020-1518", "CVE-2020-1519", "CVE-2020-1520", "CVE-2020-1521", "CVE-2020-1522", "CVE-2020-1524", "CVE-2020-1525", "CVE-2020-1526", "CVE-2020-1527", "CVE-2020-1528", "CVE-2020-1529", "CVE-2020-1530", "CVE-2020-1531", "CVE-2020-1533", "CVE-2020-1534", "CVE-2020-1535", "CVE-2020-1536", "CVE-2020-1537", "CVE-2020-1538", "CVE-2020-1539", "CVE-2020-1540", "CVE-2020-1541", "CVE-2020-1542", "CVE-2020-1543", "CVE-2020-1544", "CVE-2020-1545", "CVE-2020-1546", "CVE-2020-1547", "CVE-2020-1548", "CVE-2020-1549", "CVE-2020-1550", "CVE-2020-1551", "CVE-2020-1552", "CVE-2020-1553", "CVE-2020-1554", "CVE-2020-1555", "CVE-2020-1556", "CVE-2020-1557", "CVE-2020-1558", "CVE-2020-1560", "CVE-2020-1561", "CVE-2020-1562", "CVE-2020-1563", "CVE-2020-1564", "CVE-2020-1565", "CVE-2020-1566", "CVE-2020-1567", "CVE-2020-1568", "CVE-2020-1569", "CVE-2020-1570", "CVE-2020-1571", "CVE-2020-1573", "CVE-2020-1574", "CVE-2020-1577", "CVE-2020-1578", "CVE-2020-1579", "CVE-2020-1580", "CVE-2020-1581", "CVE-2020-1582", "CVE-2020-1583", "CVE-2020-1584", "CVE-2020-1585", "CVE-2020-1587", "CVE-2020-1591", "CVE-2020-1597"], "description": "This time I would like to review not only the vulnerabilities that were published in the last August Microsoft Patch Tuesday, but also the CVEs that were published on other, not Patch Tuesday, days. Of course, if there are any.\n\n\n\nBut let's start with the vulnerabilities that were presented on MS Patch Tuesday on August 11th. There were 120 vulnerabilities: 17 of them are Critical and 103 Important. My [vulristics script](<https://github.com/leonov-av/vulristics/blob/master/report_ms_patch_tuesday_exploits.py>) could not find public exploits for these vulnerabilities on Vulners.com.\n\nFor the first time in a long time, there were 2 Exploitation Detected vulnerabilities.\n\n### Exploitation detected (2)\n\n#### Remote Code Execution\n\n * Internet Explorer ([CVE-2020-1380](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380>))\n\n#### Spoofing\n\n * Windows ([CVE-2020-1464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464>))\n\nWindows spoofing ([CVE-2020-1464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464>)) is good for phishing. "In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded."\n\nRCE in Internet Explorer ([CVE-2020-1380](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380>)) might be interesting in the context of "An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine". \n\n### Exploitation more likely (8)\n\n#### Remote Code Execution\n\n * Internet Explorer ([CVE-2020-1570](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570>))\n * MSHTML Engine ([CVE-2020-1567](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567>))\n\n#### Elevation of Privilege\n\n * Windows Ancillary Function Driver for WinSock ([CVE-2020-1587](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1587>))\n * Windows GDI ([CVE-2020-1480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1480>), [CVE-2020-1529](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529>))\n * Windows Kernel ([CVE-2020-1566](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1566>))\n * Windows dnsrslvr.dll ([CVE-2020-1584](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1584>))\n\n#### Information Disclosure\n\n * Windows Kernel ([CVE-2020-1578](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1578>))\n\nFor some reason, all VM vendors ignored Exploitation more likely vulnerabilities this time. Although RCE in Internet Explorer ([CVE-2020-1570](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570>)) and MSHTML Engine ([CVE-2020-1567](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567>)) may be interesting.\n\n### Other Product based (31)\n\n#### Media Foundation\n\n * Memory Corruption ([CVE-2020-1478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1478>), [CVE-2020-1379](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379>), [CVE-2020-1477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477>), [CVE-2020-1492](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492>), [CVE-2020-1525](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1525>), [CVE-2020-1554](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554>))\n * Information Disclosure ([CVE-2020-1487](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1487>))\n\n#### Microsoft Excel\n\n * Remote Code Execution ([CVE-2020-1494](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1494>), [CVE-2020-1495](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1495>), [CVE-2020-1496](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1496>), [CVE-2020-1498](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1498>), [CVE-2020-1504](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1504>))\n * Information Disclosure ([CVE-2020-1497](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1497>))\n\n#### Microsoft SharePoint\n\n * Information Disclosure ([CVE-2020-1505](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1505>))\n * Cross Site Scripting ([CVE-2020-1573](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1573>), [CVE-2020-1580](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1580>))\n * Spoofing ([CVE-2020-1499](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1499>), [CVE-2020-1500](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1500>), [CVE-2020-1501](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1501>))\n\n#### Windows Backup Engine\n\n * Elevation of Privilege ([CVE-2020-1535](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1535>), [CVE-2020-1536](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1536>), [CVE-2020-1539](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1539>), [CVE-2020-1540](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1540>), [CVE-2020-1541](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1541>), [CVE-2020-1542](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1542>), [CVE-2020-1543](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1543>), [CVE-2020-1544](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1544>), [CVE-2020-1545](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1545>), [CVE-2020-1546](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1546>), [CVE-2020-1547](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1547>), [CVE-2020-1551](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1551>))\n\nThis time, the products with the most vulnerabilities are Media Foundation, Microsoft Excel, Microsoft SharePoint and Windows Backup Engine. VM vendors pay attention to Memory Corruption (in fact RCE) in Media Foundation, RCE in Microsoft Excel and Elevation of Privilege in Windows Backup Engine.\n\n### Other Vulnerability Type based (79)\n\n#### Remote Code Execution\n\n * .NET Framework ([CVE-2020-1046](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1046>))\n * Jet Database Engine ([CVE-2020-1473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473>), [CVE-2020-1557](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557>), [CVE-2020-1558](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558>), [CVE-2020-1564](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564>))\n * Microsoft Access ([CVE-2020-1582](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1582>))\n * Microsoft Edge ([CVE-2020-1569](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1569>))\n * Microsoft Edge PDF ([CVE-2020-1568](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1568>))\n * Microsoft Graphics Components ([CVE-2020-1561](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1561>), [CVE-2020-1562](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1562>))\n * Microsoft Office ([CVE-2020-1563](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1563>))\n * Microsoft Outlook ([CVE-2020-1483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1483>))\n * Microsoft Windows Codecs Library ([CVE-2020-1560](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1560>), [CVE-2020-1574](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1574>), [CVE-2020-1585](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1585>))\n * Scripting Engine ([CVE-2020-1555](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1555>))\n * Visual Studio Code ([CVE-2020-0604](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0604>))\n * Windows Font Driver Host ([CVE-2020-1520](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520>))\n * Windows Media ([CVE-2020-1339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339>))\n\n#### Denial of Service\n\n * ASP.NET Core ([CVE-2020-1597](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597>))\n * Microsoft SQL Server Management Studio ([CVE-2020-1455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1455>))\n * Windows Remote Desktop Gateway (RD Gateway) ([CVE-2020-1466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1466>))\n\n#### Elevation of Privilege\n\n * ASP.NET and .NET ([CVE-2020-1476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476>))\n * Connected User Experiences and Telemetry Service ([CVE-2020-1511](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1511>))\n * DirectX ([CVE-2020-1479](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1479>))\n * Local Security Authority Subsystem Service ([CVE-2020-1509](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509>))\n * Microsoft Office Click-to-Run ([CVE-2020-1581](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1581>))\n * Netlogon ([CVE-2020-1472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472>))\n * Windows ([CVE-2020-1565](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1565>))\n * Windows Accounts Control ([CVE-2020-1531](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1531>))\n * Windows AppX Deployment Extensions ([CVE-2020-1488](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1488>))\n * Windows Backup Service ([CVE-2020-1534](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1534>))\n * Windows CDP User Components ([CVE-2020-1549](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1549>), [CVE-2020-1550](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1550>))\n * Windows CSC Service ([CVE-2020-1489](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489>), [CVE-2020-1513](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1513>))\n * Windows Custom Protocol Engine ([CVE-2020-1527](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1527>))\n * Windows File Server Resource Management Service ([CVE-2020-1517](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1517>), [CVE-2020-1518](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1518>))\n * Windows Function Discovery SSDP Provider ([CVE-2020-1579](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1579>))\n * Windows Hard Link ([CVE-2020-1467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467>))\n * Windows Kernel ([CVE-2020-1417](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1417>), [CVE-2020-1486](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1486>))\n * Windows Network Connection Broker ([CVE-2020-1526](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1526>))\n * Windows Print Spooler ([CVE-2020-1337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337>))\n * Windows Radio Manager API ([CVE-2020-1528](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1528>))\n * Windows Registry ([CVE-2020-1377](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377>), [CVE-2020-1378](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378>))\n * Windows Remote Access ([CVE-2020-1530](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530>), [CVE-2020-1537](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537>))\n * Windows Runtime ([CVE-2020-1553](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1553>))\n * Windows Server Resource Management Service ([CVE-2020-1475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1475>))\n * Windows Setup ([CVE-2020-1571](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1571>))\n * Windows Speech Runtime ([CVE-2020-1521](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1521>), [CVE-2020-1522](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1522>))\n * Windows Speech Shell Components ([CVE-2020-1524](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1524>))\n * Windows Storage Service ([CVE-2020-1490](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1490>))\n * Windows Telephony Server ([CVE-2020-1515](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1515>))\n * Windows UPnP Device Host ([CVE-2020-1519](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1519>), [CVE-2020-1538](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538>))\n * Windows WalletService ([CVE-2020-1533](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1533>), [CVE-2020-1556](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1556>))\n * Windows Work Folder Service ([CVE-2020-1552](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1552>))\n * Windows Work Folders Service ([CVE-2020-1470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1470>), [CVE-2020-1484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1484>), [CVE-2020-1516](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1516>))\n\n#### Information Disclosure\n\n * DirectWrite ([CVE-2020-1577](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577>))\n * Microsoft Outlook ([CVE-2020-1493](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1493>))\n * Microsoft Word ([CVE-2020-1502](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1502>), [CVE-2020-1503](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1503>), [CVE-2020-1583](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1583>))\n * Windows ARM ([CVE-2020-1459](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1459>))\n * Windows Image Acquisition Service ([CVE-2020-1474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1474>), [CVE-2020-1485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1485>))\n * Windows Kernel ([CVE-2020-1510](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1510>))\n * Windows RRAS Service ([CVE-2020-1383](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383>))\n * Windows State Repository Service ([CVE-2020-1512](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1512>))\n * Windows WaasMedic Service ([CVE-2020-1548](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1548>))\n\n#### Cross Site Scripting\n\n * Microsoft Dynamics 365 (On-Premise) ([CVE-2020-1591](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1591>))\n\nIf we look at the rest of the vulnerabilities, the most interesting are RCEs in Jet Database Engine ([CVE-2020-1473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473>), [CVE-2020-1557](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557>), [CVE-2020-1558](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558>), [CVE-2020-1564](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564>)), Microsoft Edge PDF ([CVE-2020-1568](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1568>)), Microsoft Windows Codecs Library ([CVE-2020-1560](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1560>), [CVE-2020-1574](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1574>), [CVE-2020-1585](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1585>)) and Windows Media ([CVE-2020-1339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339>)). \n\nThe second block is Elevation of Privilege in Local Security Authority Subsystem Service (LSASS) ([CVE-2020-1509](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509>)), Windows Print Spooler ([CVE-2020-1337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337>)) and Netlogon ([CVE-2020-1472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472>)). For the last one "an unauthenticated attacker could use MS-NRPC to connect to a domain controller as a domain administrator".\n\n## Other vulnerabilities\n\nNow let's take a look at the vulnerabilities that were released from 07/15/2020 to 08/27/2020 excluding the August Patch Tuesday. I added support for such exceptions in report_ms_patch_tuesday.py in Vulristics. In fact, there were very few CVE vulnerabilities outside the Patch Tuesday.\n\n### Other Vulnerability Type based (2)\n\n#### Remote Code Execution\n\n * Microsoft Dynamics 365 for Finance and Operations (on-premises) ([CVE-2020-1182](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1182>))\n\n#### Elevation of Privilege\n\n * Microsoft Edge (Chromium-based) ([CVE-2020-1341](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1341>))\n\nRCE in on-premises Microsoft Dynamics 365 for Finance and Operations. "An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server".\n\nElevation of Privilege in Microsoft Edge. "To exploit the vulnerability, the user must browse to a malicious website that is design to download a DLL file and click on the page to being the process". But this vulnerability is surprisingly low-critical, only Moderate.\n\nYou may have heard about Microsoft unscheduled update to Windows Remote Access Elevation of Privilege released August 20. But it was about the same vulnerabilities ([CVE-2020-1530](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530>), [CVE-2020-1537](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537>)) that were presented in August Patch Tuesday, but fixes this vulnerability for older OS versions: Windows 8.1, RT 8.1, and Server 2012 R2.\n\n", "modified": "2020-08-30T22:13:56", "published": "2020-08-30T22:13:56", "id": "AVLEONOV:F17F36C3CC642EBDC27E43900FE3905E", "href": "http://feedproxy.google.com/~r/avleonov/~3/shc67E2GAnY/", "type": "avleonov", "title": "Microsoft Patch Tuesday August 2020: vulnerabilities with Detected Exploitation, useful for phishing and others", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
