ID GHSA-CQQJ-4P63-RRMM Type github Reporter GitHub Advisory Database Modified 2021-01-08T21:29:54
Description
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
{"id": "GHSA-CQQJ-4P63-RRMM", "bulletinFamily": "software", "title": "HTTP Request Smuggling in Netty", "description": "HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an \"invalid fold.\"", "published": "2020-02-21T18:55:24", "modified": "2021-01-08T21:29:54", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "href": "https://github.com/advisories/GHSA-cqqj-4p63-rrmm", "reporter": "GitHub Advisory Database", "references": ["https://nvd.nist.gov/vuln/detail/CVE-2019-20444", "https://github.com/advisories/GHSA-cqqj-4p63-rrmm"], "cvelist": ["CVE-2019-20444"], "type": "github", "lastseen": "2021-01-09T01:27:16", "edition": 4, "viewCount": 103, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-20444"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2110-1:96368", "DEBIAN:DLA-2365-1:41B26", "DEBIAN:DLA-2109-1:DE8EC", "DEBIAN:DLA-2364-1:39666"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892109", "OPENVAS:1361412562310892110"]}, {"type": "redhat", "idList": ["RHSA-2020:0601", "RHSA-2020:0811", "RHSA-2020:0606", "RHSA-2020:0567", "RHSA-2020:0497", "RHSA-2020:0806", "RHSA-2020:0804", "RHSA-2020:0805", "RHSA-2020:0939", "RHSA-2020:0605"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2110.NASL", "REDHAT-RHSA-2020-0806.NASL", "UBUNTU_USN-4600-1.NASL", "UBUNTU_USN-4600-2.NASL", "DEBIAN_DLA-2109.NASL", "REDHAT-RHSA-2020-0804.NASL", "DEBIAN_DLA-2365.NASL", "UBUNTU_USN-4532-1.NASL", "DEBIAN_DLA-2364.NASL", "REDHAT-RHSA-2020-0605.NASL"]}, {"type": "ubuntu", "idList": ["USN-4600-2", "USN-4600-1", "USN-4532-1"]}, {"type": "fedora", "idList": ["FEDORA:BDC9D3090DB1", "FEDORA:05AFB3091421"]}, {"type": "github", "idList": ["GHSA-CQQJ-4P63-RRMM"]}], "modified": "2021-01-09T01:27:16", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2021-01-09T01:27:16", "rev": 2}, "vulnersScore": 6.6}, "affectedSoftware": [{"name": "io.netty:netty-handler", "operator": "lt", "version": "4.1.44"}], "scheme": null}
{"cve": [{"lastseen": "2020-12-16T17:38:15", "description": "HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an \"invalid fold.\"", "edition": 28, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-01-29T21:15:00", "title": "CVE-2019-20444", "type": "cve", "cwe": ["CWE-444"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444"], "modified": "2020-12-16T06:15:00", "cpe": [], "id": "CVE-2019-20444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20444", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": []}], "debian": [{"lastseen": "2020-08-12T01:10:34", "bulletinFamily": "unix", "cvelist": ["CVE-2020-7238", "CVE-2019-20445", "CVE-2019-20444"], "description": "Package : netty\nVersion : 1:3.2.6.Final-2+deb8u2\nCVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238\nDebian Bug : 950966 950967\n\n\nSeveral vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework:\n\nCVE-2019-20444\n\n HttpObjectDecoder.java allows an HTTP header that lacks a colon,\n which might be interpreted as a separate header with an incorrect\n syntax, or might be interpreted as an "invalid fold."\n\nCVE-2019-20445\n\n HttpObjectDecoder.java allows a Content-Length header to be\n accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty allows HTTP Request Smuggling because it mishandles\n Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 7, "modified": "2020-02-19T18:04:18", "published": "2020-02-19T18:04:18", "id": "DEBIAN:DLA-2109-1:DE8EC", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202002/msg00017.html", "title": "[SECURITY] [DLA 2109-1] netty security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-09-05T00:47:27", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2365-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nSeptember 04, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : netty-3.9\nVersion : 3.9.9.Final-1+deb9u1\nCVE ID : CVE-2019-16869 CVE-2019-20444 CVE-2019-20445\nDebian Bug : 941266 950966 950967\n\nSeveral vulnerabilities have been discovered in netty-3.9, a Java NIO\nclient/server socket framework.\n\nCVE-2019-16869\n\n Netty before 4.1.42.Final mishandles whitespace before the colon in\n HTTP headers (such as a "Transfer-Encoding : chunked" line), which\n leads to HTTP request smuggling.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\n that lacks a colon, which might be interpreted as a separate header\n with an incorrect syntax, or might be interpreted as an "invalid\n fold."\n\nCVE-2019-20445\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\n header to be accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.9.9.Final-1+deb9u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFor the detailed security status of netty-3.9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty-3.9\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 1, "modified": "2020-09-04T18:41:22", "published": "2020-09-04T18:41:22", "id": "DEBIAN:DLA-2365-1:41B26", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202009/msg00004.html", "title": "[SECURITY] [DLA 2365-1] netty-3.9 security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-09-05T00:58:10", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11612", "CVE-2020-7238", "CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2364-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nSeptember 04, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : netty\nVersion : 1:4.1.7-2+deb9u2\nCVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612\nDebian Bug : 950966 950967\n\nSeveral vulnerabilities have been discovered in netty, a Java NIO\nclient/server socket framework.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\n that lacks a colon, which might be interpreted as a separate header\n with an incorrect syntax, or might be interpreted as an "invalid\n fold."\n\nCVE-2019-20445\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\n header to be accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty 4.1.43.Final allows HTTP Request Smuggling because it\n mishandles Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header. This issue exists because of an incomplete fix for\n CVE-2019-16869.\n\nCVE-2020-11612\n\n The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded\n memory allocation while decoding a ZlibEncoded byte stream. An\n attacker could send a large ZlibEncoded byte stream to the Netty\n server, forcing the server to allocate all of its free memory to a\n single decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 1, "modified": "2020-09-04T18:40:13", "published": "2020-09-04T18:40:13", "id": "DEBIAN:DLA-2364-1:39666", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202009/msg00003.html", "title": "[SECURITY] [DLA 2364-1] netty security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:07:41", "bulletinFamily": "unix", "cvelist": ["CVE-2020-7238", "CVE-2014-0193", "CVE-2019-16869", "CVE-2014-3488", "CVE-2019-20445", "CVE-2019-20444"], "description": "Package : netty-3.9\nVersion : 3.9.0.Final-1+deb8u1\nCVE ID : CVE-2014-0193 CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 \n CVE-2019-20445 CVE-2020-7238\nDebian Bug : 746639 941266 950966 950967\n\n\nSeveral vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework:\n\nCVE-2014-0193\n\n WebSocket08FrameDecoder allows remote attackers to cause a denial\n of service (memory consumption) via a TextWebSocketFrame followed\n by a long stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\n The SslHandler allows remote attackers to cause a denial of\n service (infinite loop and CPU consumption) via a crafted\n SSLv2Hello message.\n\nCVE-2019-16869\n\n Netty mishandles whitespace before the colon in HTTP headers (such\n as a "Transfer-Encoding : chunked" line), which leads to HTTP\n request smuggling.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java allows an HTTP header that lacks a colon,\n which might be interpreted as a separate header with an incorrect\n syntax, or might be interpreted as an "invalid fold."\n\nCVE-2019-20445\n\n HttpObjectDecoder.java allows a Content-Length header to be\n accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty allows HTTP Request Smuggling because it mishandles\n Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 7, "modified": "2020-02-19T18:04:23", "published": "2020-02-19T18:04:23", "id": "DEBIAN:DLA-2110-1:96368", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202002/msg00018.html", "title": "[SECURITY] [DLA 2110-1] netty-3.9 security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "openvas": [{"lastseen": "2020-02-20T22:53:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-20445", "CVE-2019-20444"], "description": "The remote host is missing an update for the ", "modified": "2020-02-20T00:00:00", "published": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310892109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892109", "type": "openvas", "title": "Debian LTS: Security Advisory for netty (DLA-2109-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892109\");\n script_version(\"2020-02-20T04:00:07+0000\");\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 04:00:07 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-20 04:00:07 +0000 (Thu, 20 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for netty (DLA-2109-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2109-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950966\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'netty'\n package(s) announced via the DLA-2109-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework:\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon,\nwhich might be interpreted as a separate header with an incorrect\nsyntax, or might be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\");\n\n script_tag(name:\"affected\", value:\"'netty' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnetty-java\", ver:\"1:3.2.6.Final-2+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-02-20T22:53:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2014-0193", "CVE-2019-16869", "CVE-2014-3488", "CVE-2019-20445", "CVE-2019-20444"], "description": "The remote host is missing an update for the ", "modified": "2020-02-20T00:00:00", "published": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310892110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892110", "type": "openvas", "title": "Debian LTS: Security Advisory for netty-3.9 (DLA-2110-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892110\");\n script_version(\"2020-02-20T04:00:10+0000\");\n script_cve_id(\"CVE-2014-0193\", \"CVE-2014-3488\", \"CVE-2019-16869\", \"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 04:00:10 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-20 04:00:10 +0000 (Thu, 20 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for netty-3.9 (DLA-2110-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2110-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/746639\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/941266\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950966\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'netty-3.9'\n package(s) announced via the DLA-2110-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework:\n\nCVE-2014-0193\n\nWebSocket08FrameDecoder allows remote attackers to cause a denial\nof service (memory consumption) via a TextWebSocketFrame followed\nby a long stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\nThe SslHandler allows remote attackers to cause a denial of\nservice (infinite loop and CPU consumption) via a crafted\nSSLv2Hello message.\n\nCVE-2019-16869\n\nNetty mishandles whitespace before the colon in HTTP headers (such\nas a 'Transfer-Encoding : chunked' line), which leads to HTTP\nrequest smuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon,\nwhich might be interpreted as a separate header with an incorrect\nsyntax, or might be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\");\n\n script_tag(name:\"affected\", value:\"'netty-3.9' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnetty-3.9-java\", ver:\"3.9.0.Final-1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "redhat": [{"lastseen": "2020-02-25T15:34:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.\n\nThis update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-02-25T20:19:59", "published": "2020-02-25T20:01:50", "id": "RHSA-2020:0601", "href": "https://access.redhat.com/errata/RHSA-2020:0601", "type": "redhat", "title": "(RHSA-2020:0601) Important: AMQ Clients 2.6.0 Release", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-02-26T11:44:21", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-02-26T15:33:22", "published": "2020-02-25T22:21:01", "id": "RHSA-2020:0605", "href": "https://access.redhat.com/errata/RHSA-2020:0605", "type": "redhat", "title": "(RHSA-2020:0605) Important: Red Hat JBoss Enterprise Application Platform 7.2 security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-02-13T15:31:53", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "The release of Red Hat AMQ Online 1.3.3 serves as a replacement for AMQ online 1.3.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. \n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-02-13T19:49:29", "published": "2020-02-13T19:03:36", "id": "RHSA-2020:0497", "href": "https://access.redhat.com/errata/RHSA-2020:0497", "type": "redhat", "title": "(RHSA-2020:0497) Important: AMQ Online security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-02-26T11:43:10", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n\t\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-02-26T15:40:26", "published": "2020-02-25T22:21:05", "id": "RHSA-2020:0606", "href": "https://access.redhat.com/errata/RHSA-2020:0606", "type": "redhat", "title": "(RHSA-2020:0606) Important: Red Hat JBoss Enterprise Application Platform 7.2 security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-03-03T17:35:59", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "This release of Red Hat build of Eclipse Vert.x 3.8.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "modified": "2020-03-03T21:07:13", "published": "2020-03-03T21:07:01", "id": "RHSA-2020:0567", "href": "https://access.redhat.com/errata/RHSA-2020:0567", "type": "redhat", "title": "(RHSA-2020:0567) Important: Red Hat build of Eclipse Vert.x 3.8.5 security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-03-12T17:36:39", "bulletinFamily": "unix", "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class\nproperty in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from\nan untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-03-12T20:51:09", "published": "2020-03-12T20:44:49", "id": "RHSA-2020:0805", "href": "https://access.redhat.com/errata/RHSA-2020:0805", "type": "redhat", "title": "(RHSA-2020:0805) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 7 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-12T17:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-03-12T20:54:21", "published": "2020-03-12T20:53:58", "id": "RHSA-2020:0811", "href": "https://access.redhat.com/errata/RHSA-2020:0811", "type": "redhat", "title": "(RHSA-2020:0811) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-12T17:36:18", "bulletinFamily": "unix", "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-03-12T20:50:06", "published": "2020-03-12T20:44:41", "id": "RHSA-2020:0804", "href": "https://access.redhat.com/errata/RHSA-2020:0804", "type": "redhat", "title": "(RHSA-2020:0804) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-23T13:38:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-12399", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17531", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.4.0 serves as a replacement for Red Hat AMQ Streams 1.3.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* kafka: Connect REST API exposes plaintext secrets in tasks endpoint (CVE-2019-12399)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-03-23T17:14:27", "published": "2020-03-23T17:14:04", "id": "RHSA-2020:0939", "href": "https://access.redhat.com/errata/RHSA-2020:0939", "type": "redhat", "title": "(RHSA-2020:0939) Important: Red Hat AMQ Streams 1.4.0 release and security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-12T17:35:28", "bulletinFamily": "unix", "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a\nreplacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and\nincludes bug fixes and enhancements. See the Red Hat JBoss Enterprise\nApplication Platform 7.2.7 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class\nproperty in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from\nan untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "modified": "2020-03-12T20:50:07", "published": "2020-03-12T20:45:08", "id": "RHSA-2020:0806", "href": "https://access.redhat.com/errata/RHSA-2020:0806", "type": "redhat", "title": "(RHSA-2020:0806) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2020-03-18T02:45:03", "description": "An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the\nwildfly-security-manager package in Red Hat JBoss Enterprise\nApplication Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es) :\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.", "edition": 1, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-02-27T00:00:00", "title": "RHEL 6 / 7 / 8 : JBoss EAP (RHSA-2020:0605)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-02-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-netty"], "id": "REDHAT-RHSA-2020-0605.NASL", "href": "https://www.tenable.com/plugins/nessus/134098", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0605. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134098);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/06\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_xref(name:\"RHSA\", value:\"2020:0605\");\n\n script_name(english:\"RHEL 6 / 7 / 8 : JBoss EAP (RHSA-2020:0605)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the\nwildfly-security-manager package in Red Hat JBoss Enterprise\nApplication Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es) :\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2020:0605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2020-7238\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected eap7-netty and / or eap7-netty-all packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2020:0605\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"eap7-jboss\") || rpm_exists(release:\"RHEL7\", rpm:\"eap7-jboss\") || rpm_exists(release:\"RHEL8\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-netty-4.1.45-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-netty-all-4.1.45-1.Final_redhat_00001.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-netty-4.1.45-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-netty-all-4.1.45-1.Final_redhat_00001.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-netty-4.1.45-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-netty-all-4.1.45-1.Final_redhat_00001.1.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-netty / eap7-netty-all\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T09:42:07", "description": "Several vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework :\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon, which\nmight be interpreted as a separate header with an incorrect syntax, or\nmight be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 4, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-02-20T00:00:00", "title": "Debian DLA-2109-1 : netty security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-02-20T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libnetty-java"], "id": "DEBIAN_DLA-2109.NASL", "href": "https://www.tenable.com/plugins/nessus/133813", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2109-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133813);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n\n script_name(english:\"Debian DLA-2109-1 : netty security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework :\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon, which\nmight be interpreted as a separate header with an incorrect syntax, or\nmight be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/netty\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libnetty-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnetty-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnetty-java\", reference:\"1:3.2.6.Final-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-09-14T13:32:02", "description": "Several vulnerabilities have been discovered in netty-3.9, a Java NIO\nclient/server socket framework.\n\nCVE-2019-16869\n\nNetty before 4.1.42.Final mishandles whitespace before the colon in\nHTTP headers (such as a 'Transfer-Encoding : chunked' line), which\nleads to HTTP request smuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\nthat lacks a colon, which might be interpreted as a separate header\nwith an incorrect syntax, or might be interpreted as an 'invalid\nfold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\nheader to be accompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.9.9.Final-1+deb9u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFor the detailed security status of netty-3.9 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/netty-3.9\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 3, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-09-08T00:00:00", "title": "Debian DLA-2365-1 : netty-3.9 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-09-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnetty-3.9-java", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2365.NASL", "href": "https://www.tenable.com/plugins/nessus/140296", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2365-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140296);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/10\");\n\n script_cve_id(\"CVE-2019-16869\", \"CVE-2019-20444\", \"CVE-2019-20445\");\n\n script_name(english:\"Debian DLA-2365-1 : netty-3.9 security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in netty-3.9, a Java NIO\nclient/server socket framework.\n\nCVE-2019-16869\n\nNetty before 4.1.42.Final mishandles whitespace before the colon in\nHTTP headers (such as a 'Transfer-Encoding : chunked' line), which\nleads to HTTP request smuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\nthat lacks a colon, which might be interpreted as a separate header\nwith an incorrect syntax, or might be interpreted as an 'invalid\nfold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\nheader to be accompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.9.9.Final-1+deb9u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFor the detailed security status of netty-3.9 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/netty-3.9\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/netty-3.9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/netty-3.9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected libnetty-3.9-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnetty-3.9-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnetty-3.9-java\", reference:\"3.9.9.Final-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-11-25T15:14:31", "description": "The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4532-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer-\n Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-09-23T00:00:00", "title": "Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4532-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4532-1.NASL", "href": "https://www.tenable.com/plugins/nessus/140753", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4532-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140753);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\"CVE-2019-16869\", \"CVE-2019-20444\", \"CVE-2019-20445\");\n script_xref(name:\"USN\", value:\"4532-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4532-1)\");\n script_summary(english:\"Checks the dpkg output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4532-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer-\n Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4532-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libnetty-3.9-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libnetty-3.9-java', 'pkgver': '3.9.9.Final-1+deb9u1build0.18.04.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnetty-3.9-java');\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-11-25T15:14:38", "description": "The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-2 advisory.\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a\n ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server,\n forcing the server to allocate all of its free memory to a single decoder. (CVE-2020-11612)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-27T00:00:00", "title": "Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11612", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-10-27T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnetty-java", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4600-2.NASL", "href": "https://www.tenable.com/plugins/nessus/141934", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4600-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141934);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-11612\");\n script_xref(name:\"USN\", value:\"4600-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)\");\n script_summary(english:\"Checks the dpkg output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-2 advisory.\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a\n ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server,\n forcing the server to allocate all of its free memory to a single decoder. (CVE-2020-11612)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4600-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libnetty-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11612\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnetty-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libnetty-java', 'pkgver': '1:4.1.7-4ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnetty-java');\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-25T15:14:38", "description": "The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer-\n Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such\n as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because\n of an incomplete fix for CVE-2019-16869. (CVE-2020-7238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-10-22T00:00:00", "title": "Ubuntu 16.04 LTS : Netty vulnerabilities (USN-4600-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-10-22T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts"], "id": "UBUNTU_USN-4600-1.NASL", "href": "https://www.tenable.com/plugins/nessus/141822", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4600-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141822);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\n \"CVE-2019-16869\",\n \"CVE-2019-20444\",\n \"CVE-2019-20445\",\n \"CVE-2020-7238\"\n );\n script_xref(name:\"USN\", value:\"4600-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Netty vulnerabilities (USN-4600-1)\");\n script_summary(english:\"Checks the dpkg output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer-\n Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such\n as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because\n of an incomplete fix for CVE-2019-16869. (CVE-2020-7238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4600-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libnetty-3.9-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libnetty-3.9-java', 'pkgver': '3.9.0.Final-1ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnetty-3.9-java');\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-09-14T13:32:01", "description": "Several vulnerabilities have been discovered in netty, a Java NIO\nclient/server socket framework.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\nthat lacks a colon, which might be interpreted as a separate header\nwith an incorrect syntax, or might be interpreted as an 'invalid\nfold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\nheader to be accompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty 4.1.43.Final allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader. This issue exists because of an incomplete fix for\nCVE-2019-16869.\n\nCVE-2020-11612\n\nThe ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded\nmemory allocation while decoding a ZlibEncoded byte stream. An\nattacker could send a large ZlibEncoded byte stream to the Netty\nserver, forcing the server to allocate all of its free memory to a\nsingle decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/netty\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 3, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-09-08T00:00:00", "title": "Debian DLA-2364-1 : netty security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11612", "CVE-2020-7238", "CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-09-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnetty-java", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2364.NASL", "href": "https://www.tenable.com/plugins/nessus/140295", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2364-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140295);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/10\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-11612\", \"CVE-2020-7238\");\n\n script_name(english:\"Debian DLA-2364-1 : netty security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in netty, a Java NIO\nclient/server socket framework.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\nthat lacks a colon, which might be interpreted as a separate header\nwith an incorrect syntax, or might be interpreted as an 'invalid\nfold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\nheader to be accompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty 4.1.43.Final allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader. This issue exists because of an incomplete fix for\nCVE-2019-16869.\n\nCVE-2020-11612\n\nThe ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded\nmemory allocation while decoding a ZlibEncoded byte stream. An\nattacker could send a large ZlibEncoded byte stream to the Netty\nserver, forcing the server to allocate all of its free memory to a\nsingle decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/netty\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/netty\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/netty\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected libnetty-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnetty-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnetty-java\", reference:\"1:4.1.7-2+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:42:08", "description": "Several vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework :\n\nCVE-2014-0193\n\nWebSocket08FrameDecoder allows remote attackers to cause a denial of\nservice (memory consumption) via a TextWebSocketFrame followed by a\nlong stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\nThe SslHandler allows remote attackers to cause a denial of service\n(infinite loop and CPU consumption) via a crafted SSLv2Hello message.\n\nCVE-2019-16869\n\nNetty mishandles whitespace before the colon in HTTP headers (such as\na 'Transfer-Encoding : chunked' line), which leads to HTTP request\nsmuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon, which\nmight be interpreted as a separate header with an incorrect syntax, or\nmight be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 4, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-02-20T00:00:00", "title": "Debian DLA-2110-1 : netty-3.9 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2014-0193", "CVE-2019-16869", "CVE-2014-3488", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnetty-3.9-java", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2110.NASL", "href": "https://www.tenable.com/plugins/nessus/133814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2110-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133814);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0193\", \"CVE-2014-3488\", \"CVE-2019-16869\", \"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_bugtraq_id(67182, 68999);\n\n script_name(english:\"Debian DLA-2110-1 : netty-3.9 security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework :\n\nCVE-2014-0193\n\nWebSocket08FrameDecoder allows remote attackers to cause a denial of\nservice (memory consumption) via a TextWebSocketFrame followed by a\nlong stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\nThe SslHandler allows remote attackers to cause a denial of service\n(infinite loop and CPU consumption) via a crafted SSLv2Hello message.\n\nCVE-2019-16869\n\nNetty mishandles whitespace before the colon in HTTP headers (such as\na 'Transfer-Encoding : chunked' line), which leads to HTTP request\nsmuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon, which\nmight be interpreted as a separate header with an incorrect syntax, or\nmight be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/netty-3.9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libnetty-3.9-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnetty-3.9-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnetty-3.9-java\", reference:\"3.9.0.Final-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-01T05:23:58", "description": "An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.6, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.7 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the\nclass property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing\ncode from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not\nrespected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to\naccompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.", "edition": 12, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-03-16T00:00:00", "title": "RHEL 6 : JBoss EAP (RHSA-2020:0804)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-0205", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-woodstox-core", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-runtime", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-thrift", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-runtime", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-rngom", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-xsom", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-stax2-api", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-thrift", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-xjc", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-jxc", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-codemodel", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-txw2", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-sun-istack-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0", "p-cpe:/a:redhat:enterprise_linux:eap7-relaxng-datatype", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-beanutils", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64-debuginfo", "p-cpe:/a:redhat:enterprise_linux:eap7-xml-security", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1"], "id": "REDHAT-RHSA-2020-0804.NASL", "href": "https://www.tenable.com/plugins/nessus/134612", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0804. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134612);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2020/03/16\");\n\n script_cve_id(\"CVE-2019-0205\", \"CVE-2019-0210\", \"CVE-2019-10086\", \"CVE-2019-12400\", \"CVE-2019-14887\", \"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_xref(name:\"RHSA\", value:\"2020:0804\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2020:0804)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.6, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.7 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the\nclass property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing\ncode from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not\nrespected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to\naccompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2020:0804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2020-7238\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-thrift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-jxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-xjc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-relaxng-datatype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-rngom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-stax2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-sun-istack-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-thrift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-txw2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-woodstox-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xsom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2020:0804\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-cli-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-commons-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-core-client-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-dto-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hornetq-protocol-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hqclient-protocol-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jdbc-store-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-client-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-server-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-journal-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-ra-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-selector-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-server-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-service-extensions-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-tools-2.9.0-2.redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-apache-commons-beanutils-1.9.4-1.redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codemodel-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-el-3.0.1-4.b08_redhat_00003.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-el-impl-3.0.1-4.b08_redhat_00003.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-jaxb-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-jsf-2.3.5-7.SP3_redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hal-console-3.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-5.3.15-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-core-5.3.15-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-entitymanager-5.3.15-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-envers-5.3.15-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-java8-5.3.15-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-jdbc-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-remote-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-client-hotrod-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-commons-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-core-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-commons-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-spi-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-v53-9.3.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-api-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-impl-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-spi-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-api-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-impl-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-deployers-common-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-jdbc-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-validator-1.4.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-istack-commons-runtime-3.0.10-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-istack-commons-tools-3.0.10-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-databind-2.9.10.2-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaegertracing-jaeger-client-java-0.34.1-1.redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaegertracing-jaeger-client-java-core-0.34.1-1.redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaegertracing-jaeger-client-java-thrift-0.34.1-1.redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaxb-jxc-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaxb-runtime-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jaxb-xjc-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ejb-client-4.0.28-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remoting-5.0.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-cli-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-core-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.1-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly11.0-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly12.0-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-bindings-2.5.5-23.SP12_redhat_00012.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-wildfly8-2.5.5-23.SP12_redhat_00012.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-relaxng-datatype-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-rngom-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-stax2-api-4.2.0-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-sun-istack-commons-3.0.10-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-thrift-0.13.0-1.redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-txw2-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-7.2.7-4.GA_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-http-client-common-1.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-http-ejb-client-1.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-http-naming-client-1.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-http-transaction-client-1.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-javadocs-7.2.7-4.GA_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-modules-7.2.7-4.GA_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-openssl-1.0.9-2.SP03_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-openssl-java-1.0.9-2.SP03_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"eap7-wildfly-openssl-linux-x86_64-1.0.9-2.SP03_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"eap7-wildfly-openssl-linux-x86_64-debuginfo-1.0.9-2.SP03_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-transaction-client-1.1.9-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-woodstox-core-6.0.3-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-xml-security-2.1.4-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-xsom-2.3.3-4.b02_redhat_00001.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:24:00", "description": "An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.6, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.7 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the\nclass property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing\ncode from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not\nrespected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to\naccompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.", "edition": 12, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2020-03-16T00:00:00", "title": "RHEL 8 : JBoss EAP (RHSA-2020:0806)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-7238", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-12400", "CVE-2019-14887", "CVE-2019-0205", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jaxb", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-woodstox-core", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-runtime", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-thrift", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-runtime", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-rngom", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-xsom", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-stax2-api", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-thrift", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-xjc", "p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-jxc", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-codemodel", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-txw2", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-sun-istack-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0", "p-cpe:/a:redhat:enterprise_linux:eap7-relaxng-datatype", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-beanutils", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64-debuginfo", "p-cpe:/a:redhat:enterprise_linux:eap7-xml-security", "p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1"], "id": "REDHAT-RHSA-2020-0806.NASL", "href": "https://www.tenable.com/plugins/nessus/134614", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0806. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134614);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2020/03/16\");\n\n script_cve_id(\"CVE-2019-0205\", \"CVE-2019-0210\", \"CVE-2019-10086\", \"CVE-2019-12400\", \"CVE-2019-14887\", \"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_xref(name:\"RHSA\", value:\"2020:0806\");\n\n script_name(english:\"RHEL 8 : JBoss EAP (RHSA-2020:0806)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.6, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.7 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the\nclass property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libthrift: thrift: Endless loop when feed with specific input data\n(CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or\nTSimpleJSONProtocol (CVE-2019-0210)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing\ncode from an untrusted source (CVE-2019-12400)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not\nrespected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace\nmishandling (CVE-2020-7238)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to\naccompanied by second Content-Length header (CVE-2019-20445)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, see the CVE page(s) listed\nin the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2020:0806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-20445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2020-7238\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jaxb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-thrift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-jxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-xjc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-relaxng-datatype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-rngom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-stax2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-sun-istack-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-thrift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-txw2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-linux-x86_64-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-woodstox-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xsom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2020:0806\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL8\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-cli-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-commons-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-core-client-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-dto-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-hornetq-protocol-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-hqclient-protocol-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jdbc-store-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jms-client-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jms-server-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-journal-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-ra-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-selector-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-server-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-service-extensions-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-tools-2.9.0-2.redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-apache-commons-beanutils-1.9.4-1.redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codemodel-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-glassfish-el-3.0.1-4.b08_redhat_00003.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-glassfish-el-impl-3.0.1-4.b08_redhat_00003.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-glassfish-jaxb-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-glassfish-jsf-2.3.5-7.SP3_redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hal-console-3.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-5.3.15-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-core-5.3.15-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-entitymanager-5.3.15-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-envers-5.3.15-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-java8-5.3.15-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-cachestore-jdbc-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-cachestore-remote-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-client-hotrod-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-commons-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-core-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-commons-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-spi-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-v53-9.3.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-api-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-impl-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-spi-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-core-api-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-core-impl-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-deployers-common-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-jdbc-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-validator-1.4.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-istack-commons-runtime-3.0.10-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-istack-commons-tools-3.0.10-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-databind-2.9.10.2-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaegertracing-jaeger-client-java-0.34.1-1.redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaegertracing-jaeger-client-java-core-0.34.1-1.redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaegertracing-jaeger-client-java-thrift-0.34.1-1.redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaxb-jxc-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaxb-runtime-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jaxb-xjc-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-ejb-client-4.0.28-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-remoting-5.0.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-cli-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-core-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap6.4-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.0-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.1-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly11.0-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly12.0-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-8.Final_redhat_00009.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-bindings-2.5.5-23.SP12_redhat_00012.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-wildfly8-2.5.5-23.SP12_redhat_00012.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-relaxng-datatype-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-rngom-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-stax2-api-4.2.0-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-sun-istack-commons-3.0.10-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-thrift-0.13.0-1.redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-txw2-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-7.2.7-4.GA_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-http-client-common-1.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-http-ejb-client-1.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-http-naming-client-1.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-http-transaction-client-1.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-javadocs-7.2.7-4.GA_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-modules-7.2.7-4.GA_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-openssl-1.0.9-2.SP03_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-openssl-java-1.0.9-2.SP03_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"eap7-wildfly-openssl-linux-x86_64-1.0.9-2.SP03_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"eap7-wildfly-openssl-linux-x86_64-debuginfo-1.0.9-2.SP03_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-transaction-client-1.1.9-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-woodstox-core-6.0.3-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-xml-security-2.1.4-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-xsom-2.3.3-4.b02_redhat_00001.1.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-09-22T22:59:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "description": "It was discovered that Netty incorrectly handled certain HTTP headers. \nBy sending an HTTP header with whitespace before the colon, a remote \nattacker could possibly use this issue to perform an HTTP request \nsmuggling attack. (CVE-2019-16869)\n\nIt was discovered that Netty incorrectly handled certain HTTP headers. \nBy sending an HTTP header that lacks a colon, a remote attacker could \npossibly use this issue to perform an HTTP request smuggling attack. \n(CVE-2019-20444)\n\nIt was discovered that Netty incorrectly handled certain HTTP headers. \nBy sending a Content-Length header accompanied by a second Content-Length \nheader, or by a Transfer-Encoding header, a remote attacker could possibly \nuse this issue to perform an HTTP request smuggling attack. \n(CVE-2019-20445)", "edition": 1, "modified": "2020-09-22T00:00:00", "published": "2020-09-22T00:00:00", "id": "USN-4532-1", "href": "https://ubuntu.com/security/notices/USN-4532-1", "title": "Netty vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-10-22T23:28:14", "bulletinFamily": "unix", "cvelist": ["CVE-2020-7238", "CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "description": "It was discovered that Netty had HTTP request smuggling vulnerabilities. A \nremote attacker could used it to extract sensitive information. (CVE-2019-16869, \nCVE-2019-20444, CVE-2019-20445, CVE-2020-7238)", "edition": 1, "modified": "2020-10-22T00:00:00", "published": "2020-10-22T00:00:00", "id": "USN-4600-1", "href": "https://ubuntu.com/security/notices/USN-4600-1", "title": "Netty vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-10-27T21:34:40", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11612", "CVE-2020-7238", "CVE-2019-16869", "CVE-2019-20445", "CVE-2019-20444"], "description": "USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides \nthe corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty.\n\nAlso it was discovered that Netty allow for unbounded memory allocation. A \nremote attacker could send a large stream to the Netty server causing it to \ncrash (denial of service). (CVE-2020-11612)\n\nOriginal advisory details:\n\nIt was discovered that Netty had HTTP request smuggling vulnerabilities. A \nremote attacker could used it to extract sensitive information. (CVE-2019-16869, \nCVE-2019-20444, CVE-2019-20445, CVE-2020-7238)", "edition": 1, "modified": "2020-10-27T00:00:00", "published": "2020-10-27T00:00:00", "id": "USN-4600-2", "href": "https://ubuntu.com/security/notices/USN-4600-2", "title": "Netty vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612", "CVE-2020-7238"], "description": "Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. 'Quick and easy' doesn't mean that a resulting application will suffer from a maintainability or a performance issue. Netty has been designed carefully with the experiences earned from the implementation of a lot of protocols such as FTP, SMTP, HTTP, and various binary and text-based legacy protocols. As a result, Netty has succeeded to find a way to achieve ease of development, performance, stability, and flexibility without a compromise. ", "modified": "2020-09-25T17:16:37", "published": "2020-09-25T17:16:37", "id": "FEDORA:05AFB3091421", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: netty-4.1.51-1.fc33", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612", "CVE-2020-7238"], "description": "This project aims to offer some concurrent data structures currently missing from the JDK: =EF=BF=BD=EF=BF=BD SPSC/MPSC/SPMC/MPMC Bounded lock free queues =EF=BF=BD=EF=BF=BD SPSC/MPSC Unbounded lock free queues =EF=BF=BD=EF=BF=BD Alternative interfaces for queues =EF=BF=BD=EF=BF=BD Offheap concurrent ring buffer for ITC/IPC purposes =EF=BF=BD=EF=BF=BD Single Writer Map/Set implementations =EF=BF=BD=EF=BF=BD Low contention stats counters =EF=BF=BD=EF=BF=BD Executor ", "modified": "2020-09-25T17:16:36", "published": "2020-09-25T17:16:36", "id": "FEDORA:BDC9D3090DB1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: jctools-3.1.0-1.fc33", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
