ID 74FF10F6-520F-11DB-8F1A-000A48049292 Type freebsd Reporter FreeBSD Modified 2006-10-11T00:00:00
Description
Secunia reports:
Will Drewry has reported some vulnerabilities in Cscope,
which potentially can be exploited by malicious people to
compromise a vulnerable system.
Various boundary errors within the parsing of file lists
or the expansion of environment variables can be exploited
to cause stack-based buffer overflows when parsing
specially crafted "cscope.lists" files or directories.
A boundary error within the parsing of command line
arguments can be exploited to cause a stack-based buffer
overflow when supplying an overly long "reffile" argument.
Successful exploitation may allow execution of arbitrary
code.
{"id": "74FF10F6-520F-11DB-8F1A-000A48049292", "bulletinFamily": "unix", "title": "cscope -- Buffer Overflow Vulnerabilities", "description": "\nSecunia reports:\n\nWill Drewry has reported some vulnerabilities in Cscope,\n\t which potentially can be exploited by malicious people to\n\t compromise a vulnerable system.\nVarious boundary errors within the parsing of file lists\n\t or the expansion of environment variables can be exploited\n\t to cause stack-based buffer overflows when parsing\n\t specially crafted \"cscope.lists\" files or directories.\nA boundary error within the parsing of command line\n\t arguments can be exploited to cause a stack-based buffer\n\t overflow when supplying an overly long \"reffile\" argument.\nSuccessful exploitation may allow execution of arbitrary\n\t code.\n\n", "published": "2006-08-20T00:00:00", "modified": "2006-10-11T00:00:00", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://vuxml.freebsd.org/freebsd/74ff10f6-520f-11db-8f1a-000a48049292.html", "reporter": "FreeBSD", "references": ["http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500", "http://secunia.com/advisories/21601", "http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500"], "cvelist": ["CVE-2006-4262"], "type": "freebsd", "lastseen": "2019-05-29T18:34:40", "edition": 4, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-4262"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1186-1:92282"]}, {"type": "osvdb", "idList": ["OSVDB:28135", "OSVDB:28136"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880701", "OPENVAS:880701", "OPENVAS:57906", "OPENVAS:64211", "OPENVAS:57480", "OPENVAS:64268", "OPENVAS:136141256231064268", "OPENVAS:57466", "OPENVAS:136141256231064211"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1186.NASL", "FREEBSD_PKG_74FF10F6520F11DB8F1A000A48049292.NASL", "SL_20090615_CSCOPE_ON_SL3_X.NASL", "GENTOO_GLSA-200610-08.NASL", "CENTOS_RHSA-2009-1101.NASL", "REDHAT-RHSA-2009-1101.NASL", "ORACLELINUX_ELSA-2009-1101.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200610-08"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1101"]}, {"type": "centos", "idList": ["CESA-2009:1101"]}, {"type": "redhat", "idList": ["RHSA-2009:1101"]}], "modified": "2019-05-29T18:34:40", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2019-05-29T18:34:40", "rev": 2}, "vulnersScore": 6.2}, "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "cscope", "packageVersion": "15.6"}], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:27:23", "description": "Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.", "edition": 6, "cvss3": {}, "published": "2006-08-23T10:04:00", "title": "CVE-2006-4262", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4262"], "modified": "2017-10-11T01:31:00", "cpe": ["cpe:/a:cscope:cscope:15.5"], "id": "CVE-2006-4262", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4262", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:cscope:cscope:15.5:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:42", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4262"], "edition": 1, "description": "### Background\n\nCscope is a developer's tool for browsing source code. \n\n### Description\n\nUnchecked use of strcpy() and *scanf() leads to several buffer overflows. \n\n### Impact\n\nA user could be enticed to open a carefully crafted file which would allow the attacker to execute arbitrary code with the permissions of the user running Cscope. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Cscope users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/cscope-15.5.20060927\"", "modified": "2006-10-20T00:00:00", "published": "2006-10-20T00:00:00", "id": "GLSA-200610-08", "href": "https://security.gentoo.org/glsa/200610-08", "type": "gentoo", "title": "Cscope: Multiple buffer overflows", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4262"], "edition": 1, "description": "## Vulnerability Description\nCscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of file lists or the expansion of environment variables. It is possible that the flaw may allow the attacker to cause stack-based buffer overflow by using specially crafted 'cscope.lists' files or directories resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, the vendor has released a patch to address this vulnerability.\n## Short Description\nCscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of file lists or the expansion of environment variables. It is possible that the flaw may allow the attacker to cause stack-based buffer overflow by using specially crafted 'cscope.lists' files or directories resulting in a loss of integrity.\n## References:\nVendor URL: http://cscope.sourceforge.net/\nVendor Specific Solution URL: http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500\nVendor Specific Solution URL: http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1186)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200610-08.xml)\n[Secunia Advisory ID:21601](https://secuniaresearch.flexerasoftware.com/advisories/21601/)\n[Secunia Advisory ID:22239](https://secuniaresearch.flexerasoftware.com/advisories/22239/)\n[Secunia Advisory ID:22515](https://secuniaresearch.flexerasoftware.com/advisories/22515/)\n[Related OSVDB ID: 28136](https://vulners.com/osvdb/OSVDB:28136)\n[CVE-2006-4262](https://vulners.com/cve/CVE-2006-4262)\n", "modified": "2006-08-24T03:04:18", "published": "2006-08-24T03:04:18", "href": "https://vulners.com/osvdb/OSVDB:28135", "id": "OSVDB:28135", "title": "Cscope cscope.lists Handling Multiple Overflows", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4262"], "edition": 1, "description": "## Vulnerability Description\nCscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of command line arguments. It is possible that the flaw may allow the attacker to cause stack-based buffer overflow by supplying a very long 'reffile' argument resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, the vendor has released a patch to address this vulnerability.\n## Short Description\nCscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of command line arguments. It is possible that the flaw may allow the attacker to cause stack-based buffer overflow by supplying a very long 'reffile' argument resulting in a loss of integrity.\n## References:\nVendor URL: http://cscope.sourceforge.net/\nVendor Specific Solution URL: http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500\nVendor Specific Solution URL: http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1186)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200610-08.xml)\n[Secunia Advisory ID:21601](https://secuniaresearch.flexerasoftware.com/advisories/21601/)\n[Secunia Advisory ID:22239](https://secuniaresearch.flexerasoftware.com/advisories/22239/)\n[Secunia Advisory ID:22515](https://secuniaresearch.flexerasoftware.com/advisories/22515/)\n[Related OSVDB ID: 28135](https://vulners.com/osvdb/OSVDB:28135)\n[CVE-2006-4262](https://vulners.com/cve/CVE-2006-4262)\n", "modified": "2006-08-24T03:04:18", "published": "2006-08-24T03:04:18", "href": "https://vulners.com/osvdb/OSVDB:28136", "id": "OSVDB:28136", "type": "osvdb", "title": "Cscope Command Line reffile Argument Overflow", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "description": "The remote host is missing an update to cscope\nannounced via advisory DSA 1186-1.\n\nWill Drewry of the Google Security Team discovered several buffer overflows\nin cscope, a source browsing tool, which might lead to the execution of\narbitrary code.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:57480", "href": "http://plugins.openvas.org/nasl.php?oid=57480", "type": "openvas", "title": "Debian Security Advisory DSA 1186-1 (cscope)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1186_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1186-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion cscope_15.5-1.1sarge2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 15.5+cvs20060902-1.\n\nWe recommend that you upgrade your cscope package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201186-1\";\ntag_summary = \"The remote host is missing an update to cscope\nannounced via advisory DSA 1186-1.\n\nWill Drewry of the Google Security Team discovered several buffer overflows\nin cscope, a source browsing tool, which might lead to the execution of\narbitrary code.\";\n\n\nif(description)\n{\n script_id(57480);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-4262\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1186-1 (cscope)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cscope\", ver:\"15.5-1.1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200610-08.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:57906", "href": "http://plugins.openvas.org/nasl.php?oid=57906", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200610-08 (cscope)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Cscope is vulnerable to multiple buffer overflows that could lead to the\nexecution of arbitrary code.\";\ntag_solution = \"All Cscope users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/cscope-15.5.20060927'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200610-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=144869\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200610-08.\";\n\n \n\nif(description)\n{\n script_id(57906);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-4262\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200610-08 (cscope)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-util/cscope\", unaffected: make_list(\"ge 15.5.20060927\"), vulnerable: make_list(\"lt 15.5.20060927\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-16T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:57466", "href": "http://plugins.openvas.org/nasl.php?oid=57466", "type": "openvas", "title": "FreeBSD Ports: cscope", "sourceData": "#\n#VID 74ff10f6-520f-11db-8f1a-000a48049292\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: cscope\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/21601\nhttp://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500\nhttp://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500\nhttp://www.vuxml.org/freebsd/74ff10f6-520f-11db-8f1a-000a48049292.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(57466);\n script_version(\"$Revision: 4078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-16 07:34:17 +0200 (Fri, 16 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-4262\");\n script_bugtraq_id(19686,19687);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: cscope\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"cscope\");\nif(!isnull(bver) && revcomp(a:bver, b:\"15.6\")<=0) {\n txt += 'Package cscope version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "The remote host is missing updates to cscope announced in\nadvisory CESA-2009:1101.", "modified": "2017-07-10T00:00:00", "published": "2009-06-23T00:00:00", "id": "OPENVAS:64268", "href": "http://plugins.openvas.org/nasl.php?oid=64268", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1101 (cscope)", "sourceData": "#CESA-2009:1101 64268 2\n# $Id: ovcesa2009_1101.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1101 (cscope)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1101\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1101\nhttps://rhn.redhat.com/errata/RHSA-2009-1101.html\";\ntag_summary = \"The remote host is missing updates to cscope announced in\nadvisory CESA-2009:1101.\";\n\n\n\nif(description)\n{\n script_id(64268);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1101 (cscope)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1101.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "id": "OPENVAS:136141256231064211", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064211", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1101", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1101.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1101 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1101.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64211\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1101\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1101.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope-debuginfo\", rpm:\"cscope-debuginfo~15.5~16.RHEL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~10.RHEL4.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope-debuginfo\", rpm:\"cscope-debuginfo~15.5~10.RHEL4.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "The remote host is missing updates to cscope announced in\nadvisory CESA-2009:1101.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "id": "OPENVAS:136141256231064268", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064268", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1101 (cscope)", "sourceData": "#CESA-2009:1101 64268 2\n# $Id: ovcesa2009_1101.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1101 (cscope)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1101\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1101\nhttps://rhn.redhat.com/errata/RHSA-2009-1101.html\";\ntag_summary = \"The remote host is missing updates to cscope announced in\nadvisory CESA-2009:1101.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64268\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1101 (cscope)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880701", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880701", "type": "openvas", "title": "CentOS Update for cscope CESA-2009:1101 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cscope CESA-2009:1101 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-June/015971.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880701\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1101\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_name(\"CentOS Update for cscope CESA-2009:1101 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cscope'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"cscope on CentOS 3\");\n script_tag(name:\"insight\", value:\"cscope is a mature, ncurses-based, C source-code tree browsing tool.\n\n Multiple buffer overflow flaws were found in cscope. An attacker could\n create a specially crafted source code file that could cause cscope to\n crash or, possibly, execute arbitrary code when browsed with cscope.\n (CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\n All users of cscope are advised to upgrade to this updated package, which\n contains backported patches to fix these issues. All running instances of\n cscope must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "Check for the Version of cscope", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880701", "href": "http://plugins.openvas.org/nasl.php?oid=880701", "type": "openvas", "title": "CentOS Update for cscope CESA-2009:1101 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cscope CESA-2009:1101 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"cscope is a mature, ncurses-based, C source-code tree browsing tool.\n\n Multiple buffer overflow flaws were found in cscope. An attacker could\n create a specially crafted source code file that could cause cscope to\n crash or, possibly, execute arbitrary code when browsed with cscope.\n (CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n \n All users of cscope are advised to upgrade to this updated package, which\n contains backported patches to fix these issues. All running instances of\n cscope must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cscope on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-June/015971.html\");\n script_id(880701);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1101\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_name(\"CentOS Update for cscope CESA-2009:1101 centos3 i386\");\n\n script_summary(\"Check for the Version of cscope\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1101.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.", "modified": "2017-07-12T00:00:00", "published": "2009-06-23T00:00:00", "id": "OPENVAS:64211", "href": "http://plugins.openvas.org/nasl.php?oid=64211", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1101", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1101.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1101 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1101.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64211);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1101\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1101.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~16.RHEL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope-debuginfo\", rpm:\"cscope-debuginfo~15.5~16.RHEL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope\", rpm:\"cscope~15.5~10.RHEL4.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cscope-debuginfo\", rpm:\"cscope-debuginfo~15.5~10.RHEL4.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-07T10:52:08", "description": "The remote host is affected by the vulnerability described in GLSA-200610-08\n(Cscope: Multiple buffer overflows)\n\n Unchecked use of strcpy() and *scanf() leads to several buffer\n overflows.\n \nImpact :\n\n A user could be enticed to open a carefully crafted file which would\n allow the attacker to execute arbitrary code with the permissions of\n the user running Cscope.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2006-10-20T00:00:00", "title": "GLSA-200610-08 : Cscope: Multiple buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "modified": "2006-10-20T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:cscope", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200610-08.NASL", "href": "https://www.tenable.com/plugins/nessus/22894", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200610-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22894);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4262\");\n script_xref(name:\"GLSA\", value:\"200610-08\");\n\n script_name(english:\"GLSA-200610-08 : Cscope: Multiple buffer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200610-08\n(Cscope: Multiple buffer overflows)\n\n Unchecked use of strcpy() and *scanf() leads to several buffer\n overflows.\n \nImpact :\n\n A user could be enticed to open a carefully crafted file which would\n allow the attacker to execute arbitrary code with the permissions of\n the user running Cscope.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200610-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Cscope users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/cscope-15.5.20060927'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/20\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-util/cscope\", unaffected:make_list(\"ge 15.5.20060927\"), vulnerable:make_list(\"lt 15.5.20060927\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cscope\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:45:45", "description": "Secunia reports :\n\nWill Drewry has reported some vulnerabilities in Cscope, which\npotentially can be exploited by malicious people to compromise a\nvulnerable system.\n\nVarious boundary errors within the parsing of file lists or the\nexpansion of environment variables can be exploited to cause\nstack-based buffer overflows when parsing specially crafted\n'cscope.lists' files or directories.\n\nA boundary error within the parsing of command line arguments can be\nexploited to cause a stack-based buffer overflow when supplying an\noverly long 'reffile' argument.\n\nSuccessful exploitation may allow execution of arbitrary code.", "edition": 26, "published": "2006-10-10T00:00:00", "title": "FreeBSD : cscope -- Buffer Overflow Vulnerabilities (74ff10f6-520f-11db-8f1a-000a48049292)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "modified": "2006-10-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:cscope"], "id": "FREEBSD_PKG_74FF10F6520F11DB8F1A000A48049292.NASL", "href": "https://www.tenable.com/plugins/nessus/22517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22517);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4262\");\n script_bugtraq_id(19686, 19687);\n script_xref(name:\"Secunia\", value:\"21601\");\n\n script_name(english:\"FreeBSD : cscope -- Buffer Overflow Vulnerabilities (74ff10f6-520f-11db-8f1a-000a48049292)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Secunia reports :\n\nWill Drewry has reported some vulnerabilities in Cscope, which\npotentially can be exploited by malicious people to compromise a\nvulnerable system.\n\nVarious boundary errors within the parsing of file lists or the\nexpansion of environment variables can be exploited to cause\nstack-based buffer overflows when parsing specially crafted\n'cscope.lists' files or directories.\n\nA boundary error within the parsing of command line arguments can be\nexploited to cause a stack-based buffer overflow when supplying an\noverly long 'reffile' argument.\n\nSuccessful exploitation may allow execution of arbitrary code.\"\n );\n # http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?445bed66\"\n );\n # http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b663ae8\"\n );\n # https://vuxml.freebsd.org/freebsd/74ff10f6-520f-11db-8f1a-000a48049292.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?acfcdb70\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"cscope<15.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:44:42", "description": "Will Drewry of the Google Security Team discovered several buffer\noverflows in cscope, a source browsing tool, which might lead to the\nexecution of arbitrary code.", "edition": 25, "published": "2006-10-14T00:00:00", "title": "Debian DSA-1186-1 : cscope - buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262"], "modified": "2006-10-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:cscope"], "id": "DEBIAN_DSA-1186.NASL", "href": "https://www.tenable.com/plugins/nessus/22728", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1186. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22728);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-4262\");\n script_xref(name:\"DSA\", value:\"1186\");\n\n script_name(english:\"Debian DSA-1186-1 : cscope - buffer overflows\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Will Drewry of the Google Security Team discovered several buffer\noverflows in cscope, a source browsing tool, which might lead to the\nexecution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1186\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cscope package.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 15.5-1.1sarge2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"cscope\", reference:\"15.5-1.1sarge2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:45", "description": "An updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.", "edition": 26, "published": "2009-06-17T00:00:00", "title": "CentOS 3 : cscope (CESA-2009:1101)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "modified": "2009-06-17T00:00:00", "cpe": ["p-cpe:/a:centos:centos:cscope", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1101.NASL", "href": "https://www.tenable.com/plugins/nessus/39424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1101 and \n# CentOS Errata and Security Advisory 2009:1101 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39424);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_bugtraq_id(34805);\n script_xref(name:\"RHSA\", value:\"2009:1101\");\n\n script_name(english:\"CentOS 3 : cscope (CESA-2009:1101)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-June/015971.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a7d9356f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-June/015972.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b19ec61d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cscope package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cscope\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:44:19", "description": "Multiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll running instances of cscope must be restarted for this update to\ntake effect.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : cscope on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090615_CSCOPE_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60595", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60595);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n\n script_name(english:\"Scientific Linux Security Update : cscope on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll running instances of cscope must be restarted for this update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0906&L=scientific-linux-errata&T=0&P=706\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?03b8ade2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cscope package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"cscope-15.5-10.RHEL4.3\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"cscope-15.5-15.1.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:06:47", "description": "An updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.", "edition": 27, "published": "2009-06-16T00:00:00", "title": "RHEL 3 / 4 : cscope (RHSA-2009:1101)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "modified": "2009-06-16T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:cscope"], "id": "REDHAT-RHSA-2009-1101.NASL", "href": "https://www.tenable.com/plugins/nessus/39412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1101. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39412);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_bugtraq_id(34805);\n script_xref(name:\"RHSA\", value:\"2009:1101\");\n\n script_name(english:\"RHEL 3 / 4 : cscope (RHSA-2009:1101)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-2541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1101\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cscope package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1101\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"cscope-15.5-10.RHEL4.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cscope\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:33", "description": "From Red Hat Security Advisory 2009:1101 :\n\nAn updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 : cscope (ELSA-2009-1101)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:cscope", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1101.NASL", "href": "https://www.tenable.com/plugins/nessus/67872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1101 and \n# Oracle Linux Security Advisory ELSA-2009-1101 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67872);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-2541\", \"CVE-2006-4262\", \"CVE-2009-0148\", \"CVE-2009-1577\");\n script_bugtraq_id(34805);\n script_xref(name:\"RHSA\", value:\"2009:1101\");\n\n script_name(english:\"Oracle Linux 3 / 4 : cscope (ELSA-2009-1101)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1101 :\n\nAn updated cscope package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package,\nwhich contains backported patches to fix these issues. All running\ninstances of cscope must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-June/001036.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-June/001037.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cscope package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cscope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cscope-15.5-16.RHEL3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"cscope-15.5-10.RHEL4.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cscope\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T00:58:07", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4262"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1186-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 30th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : cscope\nVulnerability : buffer overflows\nProblem-Type : local(remote)\nDebian-specific: no\nCVE ID : CVE-2006-4262\nDebian Bug : 385893\n\nWill Drewry of the Google Security Team discovered several buffer overflows\nin cscope, a source browsing tool, which might lead to the execution of\narbitrary code.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion cscope_15.5-1.1sarge2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 15.5+cvs20060902-1.\n\nWe recommend that you upgrade your cscope package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2.dsc\n Size/MD5 checksum: 597 288d126f1a8e75401bec5758d21fca6e\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2.diff.gz\n Size/MD5 checksum: 22685 efce07e2dbfdba7329ec88a143c811ad\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5.orig.tar.gz\n Size/MD5 checksum: 243793 beb6032a301bb11524aec74bfb5e4840\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_alpha.deb\n Size/MD5 checksum: 164514 0a49e059085c6b7935d19ade91441abf\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_amd64.deb\n Size/MD5 checksum: 152934 a10ede3f65739ef21806fd2eb139c572\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_arm.deb\n Size/MD5 checksum: 147224 05f695127f6fcc7a934a4835c18d215c\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_hppa.deb\n Size/MD5 checksum: 158482 faf5225195dcb6b89fb22711ff45547e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_i386.deb\n Size/MD5 checksum: 143350 94dda40490e976fb3ba9a7aac7ea92d7\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_ia64.deb\n Size/MD5 checksum: 181116 52a1b55bcaa05bfe5731e53c14316620\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_m68k.deb\n Size/MD5 checksum: 140118 762aebb7ffbdee7c6787c750b53cd02e\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_mips.deb\n Size/MD5 checksum: 157354 87e2ffcf7dc6ebc10523391b29e1ab27\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_mipsel.deb\n Size/MD5 checksum: 155750 a566cbfcd6689dca81b8730148f59965\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_powerpc.deb\n Size/MD5 checksum: 154680 2a959a398cff553b7a7c51ce554b516e\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_s390.deb\n Size/MD5 checksum: 154500 6dd06b7d5ba9b119a1daf0f23fc65d79\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1sarge2_sparc.deb\n Size/MD5 checksum: 148314 585ad5bb0f6e591e7f54ce8c147d1cfb\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 8, "modified": "2006-09-30T00:00:00", "published": "2006-09-30T00:00:00", "id": "DEBIAN:DSA-1186-1:92282", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00280.html", "title": "[SECURITY] [DSA 1186-1] New cscope packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:28:11", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1101\n\n\ncscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/028009.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/028010.html\n\n**Affected packages:**\ncscope\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1101.html", "edition": 4, "modified": "2009-06-16T08:39:44", "published": "2009-06-16T08:39:12", "href": "http://lists.centos.org/pipermail/centos-announce/2009-June/028009.html", "id": "CESA-2009:1101", "title": "cscope security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:17", "bulletinFamily": "unix", "cvelist": ["CVE-2004-2541", "CVE-2006-4262", "CVE-2009-0148", "CVE-2009-1577"], "description": "cscope is a mature, ncurses-based, C source-code tree browsing tool.\n\nMultiple buffer overflow flaws were found in cscope. An attacker could\ncreate a specially crafted source code file that could cause cscope to\ncrash or, possibly, execute arbitrary code when browsed with cscope.\n(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)\n\nAll users of cscope are advised to upgrade to this updated package, which\ncontains backported patches to fix these issues. All running instances of\ncscope must be restarted for this update to take effect.", "modified": "2018-05-26T04:26:18", "published": "2009-06-15T04:00:00", "id": "RHSA-2009:1101", "href": "https://access.redhat.com/errata/RHSA-2009:1101", "type": "redhat", "title": "(RHSA-2009:1101) Moderate: cscope security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:37", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4262", "CVE-2004-2541", "CVE-2009-0148", "CVE-2009-1577"], "description": "[15.5-10.RHEL4.3]\n- Merge incdir-overflow and snprintf patches for better readability,\n snprintf is used now with PATHLEN limit without other adjustments,\n related strlen / %.*s / *_len are no longer needed and were dropped\n- Update tempsec patch, drop extraneous s(n)printf argument\n to suppress compiler warnings\n- Update fscanf-overflows patch to perform reffile argument length\n check earlier\n- Fixing some snprintf formatting errors\n- Fixing buffer overlows (bz 499198)\n- Fixed some additional sprintf overflows ", "edition": 4, "modified": "2009-06-15T00:00:00", "published": "2009-06-15T00:00:00", "id": "ELSA-2009-1101", "href": "http://linux.oracle.com/errata/ELSA-2009-1101.html", "title": "cscope security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
