ID FEDORA:B295B22D38 Type fedora Reporter Fedora Modified 2014-08-08T08:37:15
Description
CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions.
{"cve": [{"lastseen": "2020-12-09T19:52:45", "description": "Buffer overflow in the \"read-string!\" procedure in the \"extras\" unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a \"#f\" value in the NUM argument.", "edition": 5, "cvss3": {}, "published": "2013-10-09T14:54:00", "title": "CVE-2013-4385", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4385"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/a:call-cc:chicken:4.6.0", "cpe:/a:call-cc:chicken:4.4.6", "cpe:/a:call-cc:chicken:4.8.0.3", "cpe:/a:call-cc:chicken:4.5.5", "cpe:/a:call-cc:chicken:4.3.5", "cpe:/a:call-cc:chicken:4.3.6", "cpe:/a:call-cc:chicken:4.8.0.4", "cpe:/a:call-cc:chicken:4.3.3", "cpe:/a:call-cc:chicken:4.4.3", "cpe:/a:call-cc:chicken:4.3.4", "cpe:/a:call-cc:chicken:3.2.0", "cpe:/a:call-cc:chicken:3.1.0", "cpe:/a:call-cc:chicken:4.7.2", "cpe:/a:call-cc:chicken:3.0.0", "cpe:/a:call-cc:chicken:4.6.5", "cpe:/a:call-cc:chicken:4.6.3", "cpe:/a:call-cc:chicken:4.4.4", "cpe:/a:call-cc:chicken:4.7.0", "cpe:/a:call-cc:chicken:4.3.0", "cpe:/a:call-cc:chicken:4.8.0.1", "cpe:/a:call-cc:chicken:4.7.3", "cpe:/a:call-cc:chicken:4.1.0", "cpe:/a:call-cc:chicken:4.6.2", "cpe:/a:call-cc:chicken:4.6.6", "cpe:/a:call-cc:chicken:4.5.2", "cpe:/a:call-cc:chicken:4.5.0", "cpe:/a:call-cc:chicken:4.3.7", "cpe:/a:call-cc:chicken:4.4.5", "cpe:/a:call-cc:chicken:3.3.0", "cpe:/a:call-cc:chicken:4.8.0.2", "cpe:/a:call-cc:chicken:4.6.7", "cpe:/a:call-cc:chicken:4.2.0", "cpe:/a:call-cc:chicken:4.8.1", "cpe:/a:call-cc:chicken:4.5.6", "cpe:/a:call-cc:chicken:4.4.0", "cpe:/a:call-cc:chicken:4.5.7", "cpe:/a:call-cc:chicken:4.7.0.6", "cpe:/a:call-cc:chicken:4.8.0", "cpe:/a:call-cc:chicken:4.6.1", "cpe:/a:call-cc:chicken:4.7.4", "cpe:/a:call-cc:chicken:4.0.0", "cpe:/a:call-cc:chicken:3.4.0"], "id": "CVE-2013-4385", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4385", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:call-cc:chicken:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.7.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Buffer overflow in the \"read-u8vector!\" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a \"#f\" value in the NUM argument.", "edition": 5, "cvss3": {}, "published": "2014-05-20T14:55:00", "title": "CVE-2014-3776", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3776"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/a:call-cc:chicken:4.8.0.7", "cpe:/a:call-cc:chicken:4.9.0"], "id": "CVE-2014-3776", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3776", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:call-cc:chicken:4.8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:call-cc:chicken:4.9.0:*:*:*:*:*:*:development_snapshot"]}], "openvas": [{"lastseen": "2019-05-29T18:36:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3776", "CVE-2013-4385"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-04-08T00:00:00", "id": "OPENVAS:1361412562310869208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869208", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2015-0633", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2015-0633\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869208\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-08 07:21:50 +0200 (Wed, 08 Apr 2015)\");\n script_cve_id(\"CVE-2014-3776\", \"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chicken FEDORA-2015-0633\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chicken'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chicken on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-0633\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154364.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.9.0.1~3.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3776", "CVE-2013-4385"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-08-09T00:00:00", "id": "OPENVAS:1361412562310868077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868077", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2014-6553", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2014-6553\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868077\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-09 05:51:30 +0200 (Sat, 09 Aug 2014)\");\n script_cve_id(\"CVE-2014-3776\", \"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2014-6553\");\n script_tag(name:\"affected\", value:\"chicken on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-6553\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136405.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chicken'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.6~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3776", "CVE-2013-4385"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-08-09T00:00:00", "id": "OPENVAS:1361412562310868075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868075", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2014-6551", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2014-6551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868075\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-09 05:49:19 +0200 (Sat, 09 Aug 2014)\");\n script_cve_id(\"CVE-2014-3776\", \"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2014-6551\");\n script_tag(name:\"affected\", value:\"chicken on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-6551\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136409.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chicken'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.6~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:51:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "description": "Check for the Version of chicken", "modified": "2017-07-10T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:866938", "href": "http://plugins.openvas.org/nasl.php?oid=866938", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2013-17868", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2013-17868\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866938);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:14:03 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2013-17868\");\n\n tag_insight = \"CHICKEN is a compiler for the Scheme programming language.\nCHICKEN produces portable, efficient C, supports almost all of the R5RS\nScheme language standard, and includes many enhancements and extensions.\n\";\n\n tag_affected = \"chicken on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-17868\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117671.html\");\n script_summary(\"Check for the Version of chicken\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.4~4.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-11-26T00:00:00", "id": "OPENVAS:1361412562310867087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867087", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2013-17912", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2013-17912\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867087\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-26 10:17:30 +0530 (Tue, 26 Nov 2013)\");\n script_cve_id(\"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2013-17912\");\n\n\n script_tag(name:\"affected\", value:\"chicken on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-17912\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-November/122680.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chicken'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.4~4.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:1361412562310866938", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866938", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2013-17868", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2013-17868\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866938\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:14:03 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2013-17868\");\n\n\n script_tag(name:\"affected\", value:\"chicken on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-17868\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117671.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chicken'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.4~4.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-26T11:10:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "description": "Check for the Version of chicken", "modified": "2018-01-25T00:00:00", "published": "2013-11-26T00:00:00", "id": "OPENVAS:867087", "href": "http://plugins.openvas.org/nasl.php?oid=867087", "type": "openvas", "title": "Fedora Update for chicken FEDORA-2013-17912", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chicken FEDORA-2013-17912\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867087);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-26 10:17:30 +0530 (Tue, 26 Nov 2013)\");\n script_cve_id(\"CVE-2013-4385\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for chicken FEDORA-2013-17912\");\n\n tag_insight = \"CHICKEN is a compiler for the Scheme programming language.\nCHICKEN produces portable, efficient C, supports almost all of the R5RS\nScheme language standard, and includes many enhancements and extensions.\n\";\n\n tag_affected = \"chicken on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-17912\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-November/122680.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of chicken\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"chicken\", rpm:\"chicken~4.8.0.4~4.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4385", "CVE-2014-3776"], "description": "CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions. ", "modified": "2015-04-07T07:25:31", "published": "2015-04-07T07:25:31", "id": "FEDORA:EA2B96078C31", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: chicken-4.9.0.1-3.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4385", "CVE-2014-3776"], "description": "CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions. ", "modified": "2014-08-08T08:37:43", "published": "2014-08-08T08:37:43", "id": "FEDORA:D7F4A22D42", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: chicken-4.8.0.6-2.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4385"], "description": "CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions. ", "modified": "2013-09-30T00:48:07", "published": "2013-09-30T00:48:07", "id": "FEDORA:48E1B22448", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: chicken-4.8.0.4-4.fc19", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4385"], "description": "CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions. ", "modified": "2013-11-26T04:01:22", "published": "2013-11-26T04:01:22", "id": "FEDORA:9E64C20A3D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: chicken-4.8.0.4-4.fc18", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4385"], "description": "CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions. ", "modified": "2014-02-09T03:52:09", "published": "2014-02-09T03:52:09", "id": "FEDORA:7B92921C27", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: chicken-4.8.0.5-1.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2017-01-01T02:13:30", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2024", "CVE-2014-9651", "CVE-2014-3776", "CVE-2013-4385", "CVE-2015-4556"], "edition": 1, "description": "### Background\n\nChicken is a scheme interpreter and native scheme to C compiler.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chicken. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chicken users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-scheme/chicken-4.10.0-r1\"", "modified": "2016-12-31T00:00:00", "published": "2016-12-31T00:00:00", "href": "https://security.gentoo.org/glsa/201612-54", "id": "GLSA-201612-54", "type": "gentoo", "title": "Chicken: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-12T11:05:32", "description": "The remote host is affected by the vulnerability described in GLSA-201612-54\n(Chicken: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chicken. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process, or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 26, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-03T00:00:00", "title": "GLSA-201612-54 : Chicken: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2024", "CVE-2014-9651", "CVE-2014-3776", "CVE-2013-4385", "CVE-2015-4556"], "modified": "2017-01-03T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:chicken"], "id": "GENTOO_GLSA-201612-54.NASL", "href": "https://www.tenable.com/plugins/nessus/96229", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-54.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96229);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2024\", \"CVE-2013-4385\", \"CVE-2014-3776\", \"CVE-2014-9651\", \"CVE-2015-4556\");\n script_xref(name:\"GLSA\", value:\"201612-54\");\n\n script_name(english:\"GLSA-201612-54 : Chicken: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-54\n(Chicken: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chicken. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process, or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-54\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chicken users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-scheme/chicken-4.10.0-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-scheme/chicken\", unaffected:make_list(\"ge 4.10.0-r1\"), vulnerable:make_list(\"lt 4.10.0-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chicken\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:23", "description": "Latest upstream release. Upstream patch for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2014-02-10T00:00:00", "title": "Fedora 20 : chicken-4.8.0.5-1.fc20 (2013-22130)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "modified": "2014-02-10T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:chicken"], "id": "FEDORA_2013-22130.NASL", "href": "https://www.tenable.com/plugins/nessus/72402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-22130.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72402);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4385\");\n script_bugtraq_id(62690);\n script_xref(name:\"FEDORA\", value:\"2013-22130\");\n\n script_name(english:\"Fedora 20 : chicken-4.8.0.5-1.fc20 (2013-22130)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Latest upstream release. Upstream patch for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1012974\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128019.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?832d0f2f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chicken package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"chicken-4.8.0.5-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chicken\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:13", "description": "Fix for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-09-30T00:00:00", "title": "Fedora 19 : chicken-4.8.0.4-4.fc19 (2013-17868)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "modified": "2013-09-30T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:chicken"], "id": "FEDORA_2013-17868.NASL", "href": "https://www.tenable.com/plugins/nessus/70209", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-17868.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70209);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4385\");\n script_bugtraq_id(62690);\n script_xref(name:\"FEDORA\", value:\"2013-17868\");\n\n script_name(english:\"Fedora 19 : chicken-4.8.0.4-4.fc19 (2013-17868)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1012974\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117671.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78de975a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chicken package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"chicken-4.8.0.4-4.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chicken\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:13", "description": "Fix for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-11-26T00:00:00", "title": "Fedora 18 : chicken-4.8.0.4-4.fc18 (2013-17912)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4385"], "modified": "2013-11-26T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:chicken"], "id": "FEDORA_2013-17912.NASL", "href": "https://www.tenable.com/plugins/nessus/71081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-17912.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71081);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4385\");\n script_bugtraq_id(62690);\n script_xref(name:\"FEDORA\", value:\"2013-17912\");\n\n script_name(english:\"Fedora 18 : chicken-4.8.0.4-4.fc18 (2013-17912)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2013-4385.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1012974\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-November/122680.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fdb4e078\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chicken package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"chicken-4.8.0.4-4.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chicken\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:12:51", "description": "Fix for CVE-2014-3776.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2014-08-09T00:00:00", "title": "Fedora 20 : chicken-4.8.0.6-2.fc20 (2014-6551)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3776"], "modified": "2014-08-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:chicken"], "id": "FEDORA_2014-6551.NASL", "href": "https://www.tenable.com/plugins/nessus/77092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-6551.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77092);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3776\");\n script_bugtraq_id(67468);\n script_xref(name:\"FEDORA\", value:\"2014-6551\");\n\n script_name(english:\"Fedora 20 : chicken-4.8.0.6-2.fc20 (2014-6551)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2014-3776.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1099613\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136409.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?114f20da\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chicken package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"chicken-4.8.0.6-2.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chicken\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:12:51", "description": "Fix for CVE-2014-3776 and bump to 4.8.0.6. Latest upstream release.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2014-08-09T00:00:00", "title": "Fedora 19 : chicken-4.8.0.6-2.fc19 (2014-6553)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3776"], "modified": "2014-08-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:chicken"], "id": "FEDORA_2014-6553.NASL", "href": "https://www.tenable.com/plugins/nessus/77093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-6553.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77093);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3776\");\n script_bugtraq_id(67468);\n script_xref(name:\"FEDORA\", value:\"2014-6553\");\n\n script_name(english:\"Fedora 19 : chicken-4.8.0.6-2.fc19 (2014-6553)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2014-3776 and bump to 4.8.0.6. Latest upstream release.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1099613\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136405.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1dc5c509\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chicken package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chicken\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"chicken-4.8.0.6-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chicken\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
