For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 567 22 5 36 15 60 The third week of March 2022 witnessed the discovery of 567 vulnerabilities out of which 22 gained the attention of Threat Actors and security researchers worldwide. Among these 22, there were 2 vulnerabilities about which the National vulnerability Database (NVD) is awaiting analysis, while 2 more of them are undergoing reanalysis, and 14 were not present in the NVD at all. Hive Pro Threat Research Team has curated a list of 22 CVEs that require immediate action. Furthermore, we also observed five threat actor groups being highly active in the last week. The Sandworm Team, a well-known Russian threat actor group popular for sabotage and destruction, was observed using a new malware known as Cyclops Blink. Additionally, a new threat actor, Exotic Lily, was acting as Initial Access Broker (IAB) for Conti and Diavol ransomware groups exploiting the zero-day vulnerability in Microsoft MSHTML (CVE-2021-40444). Another threat actor from Russia, UAC-0056, was observed targeting Western European and North American ministries as well as private sectors. Two ransomware gangs, Pandora and Lockbit, were active across different organizations around the globe. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section below. Detailed Report: Interesting Vulnerabilities: Vendor CVEs Patch Link CVE-2021-20083 https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/ CVE-2022-24728 CVE-2022-24729 https://www.drupal.org/project/drupal/releases/9.2.15 https://www.drupal.org/project/drupal/releases/9.3.8 CVE-2022-0337 https://download3.operacdn.com/pub/opera/desktop/84.0.4316.42/win/Opera_84.0.4316.42_Setup_x64.exe CVE-2022-0337 https://files02.tchspt.com/temp/MicrosoftEdgeSetup.exe Vendor CVEs Patch Link CVE-2022-0971 CVE-2022-0972 CVE-2022-0973 CVE-2022-0974 CVE-2022-0975 CVE-2022-0976 CVE-2022-0977 CVE-2022-0978 CVE-2022-0979 CVE-2022-0980 CVE-2022-0337 https://www.google.com/intl/en/chrome/?standalone=1 CVE-2022-0778 https://github.com/openssl/openssl/commit/a466912611aa6cbdf550cd10601390e587451246 https://github.com/openssl/openssl/commit/3118eb64934499d93db3230748a452351d1d9a65 CVE-2022- 25636 https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/snapshot/nf-b1a5983f56e371046dcf164f90bfaf704d2b89f6.tar.gz CVE-2021-22986 https://support.f5.com/csp/article/K03009991 CVE-2018-13379 https://www.fortiguard.com/psirt/FG-IR-18-384 CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 https://www.isc.org/bind/ Active Actors: Icon Name Origin Motive Exotic Lily Unknown Ecrime UAC-0056 (SaintBear, UNC2589, TA471) Russia Information theft Pandora Ransomware Gang Unknown Ecrime, Information theft, and Financial gain Lockbit 2.0 Unknown Financial gain Sandworm Team (ELECTRUM, Telebots, IRON VIKING, BlackEnergy (Group), Quedagh, VOODOO BEAR) Russia Sabotage anddestruction Targeted Location: Targeted Sectors: Common TTPs: TA0042: Resource Development TA0001: Initial Access TA0002: Execution TA0003: Persistence TA0004: Privilege Escalation TA0005: Defense Evasion TA0006: Credential Access T1587: Develop Capabilities T1190: Exploit Public-Facing Application T1059: Command and Scripting Interpreter T1547: Boot or Logon Autostart Execution T1547: Boot or Logon Autostart Execution T1562: Impair Defenses T1557: Adversary-in-the-Middle T1587.001: Malware T1133: External Remote Services T1059.007: JavaScript T1547.001: Registry Run Keys / Startup Folder T1547.001: Registry Run Keys / Startup Folder T1562.004: Disable or Modify System Firewall T1110: Brute Force T1588: Obtain Capabilities T1566: Phishing T1059.004: Unix Shell T1037: Boot or Logon Initialization Scripts T1037: Boot or Logon Initialization Scripts T1070: Indicator Removal on Host T1110.001: Password Guessing T1588.006: Vulnerabilities T1566.001: Spearphishing Attachment T1059.003: Windows Command Shell T1037.004: RC Scripts T1037.004: RC Scripts T1070.004: File Deletion T1056: Input Capture T1078: Valid Accounts T1203: Exploitation for Client Execution T1133: External Remote Services T1068: Exploitation for Privilege Escalation T1036: Masquerading T1056.004: Credential API Hooking T1204: User Execution T1556: Modify Authentication Process T1055: Process Injection T1036.005: Match Legitimate Name or Location T1556: Modify Authentication Process T1204.002: Malicious File T1137: Office Application Startup T1078: Valid Accounts T1556: Modify Authentication Process T1003: OS Credential Dumping T1047: Windows Management Instrumentation T1542: Pre-OS Boot T1112: Modify Registry T1003.003: NTDS T1542.001: System Firmware T1027: Obfuscated Files or Information T1137: Office Application Startup T1027.006: HTML Smuggling T1137.001: Office Template Macros T1027.002: Software Packing T1078: Valid Accounts T1542: Pre-OS Boot T1542.001: System Firmware T1055: Process Injection T1078: Valid Accounts T1497: Virtualization/Sandbox Evasion TA0007: Discovery TA0008: Lateral Movement TA0009: Collection TA0011: Command and Control TA0010: Exfiltration TA0040: Impact T1087: Account Discovery T1021: Remote Services T1557: Adversary-in-the-Middle T1071: Application Layer Protocol T1041: Exfiltration Over C2 Channel T1485: Data Destruction T1083: File and Directory Discovery T1021.001: Remote Desktop Protocol T1560: Archive Collected Data T1071.001: Web Protocols T1567: Exfiltration Over Web Service T1486: Data Encrypted for Impact T1057: Process Discovery T1021.002: SMB/Windows Admin Shares T1560.001: Archive via Utility T1132: Data Encoding T1567.002: Exfiltration to Cloud Storage T1565: Data Manipulation T1012: Query Registry T1056: Input Capture T1132.002: Non-Standard Encoding T1499: Endpoint Denial of Service T1018: Remote System Discovery T1056.004: Credential API Hooking T1573: Encrypted Channel T1499.004: Application or System Exploitation T1518: Software Discovery T1573.002: Asymmetric Cryptography T1490: Inhibit System Recovery T1082: System Information Discovery T1008: Fallback Channels T1498: Network Denial of Service T1497: Virtualization/Sandbox Evasion T1105: Ingress Tool Transfer T1498.001: Direct Network Flood T1571: Non-Standard Port T1090: Proxy T1090.003: Multi-hop Proxy Threat Advisories: Pandora Ransomware Targets Multiple Plants around the Globe LockBit 2.0 Ransomware affiliates targeting Renowned Organizations Sandworm Team using a new modular malware Cyclops Blink Environment Variables Leak affect Multiple browsers Major Content Management Systems affected by Multiple vulnerabilities New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware group Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability Russian threat actor UAC-0056 targets European countries Multiple Google Chrome Vulnerabilities affects all Platforms Attackers could gain root access using vulnerability in Linux Kernel Netfilter Firewall OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O Russia under Attack from New RURansom Wiper
{"id": "HIVEPRO:B772F2F7B4C9AE8452D1197E2E240204", "vendorId": null, "type": "hivepro", "bulletinFamily": "info", "title": "Weekly Threat Digest: 14 \u2013 20 March 2022", "description": "For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 567 22 5 36 15 60 The third week of March 2022 witnessed the discovery of 567 vulnerabilities out of which 22 gained the attention of Threat Actors and security researchers worldwide. Among these 22, there were 2 vulnerabilities about which the National vulnerability Database (NVD) is awaiting analysis, while 2 more of them are undergoing reanalysis, and 14 were not present in the NVD at all. Hive Pro Threat Research Team has curated a list of 22 CVEs that require immediate action. Furthermore, we also observed five threat actor groups being highly active in the last week. The Sandworm Team, a well-known Russian threat actor group popular for sabotage and destruction, was observed using a new malware known as Cyclops Blink. Additionally, a new threat actor, Exotic Lily, was acting as Initial Access Broker (IAB) for Conti and Diavol ransomware groups exploiting the zero-day vulnerability in Microsoft MSHTML (CVE-2021-40444). Another threat actor from Russia, UAC-0056, was observed targeting Western European and North American ministries as well as private sectors. Two ransomware gangs, Pandora and Lockbit, were active across different organizations around the globe. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section below. Detailed Report: Interesting Vulnerabilities: Vendor CVEs Patch Link CVE-2021-20083 https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/ CVE-2022-24728 CVE-2022-24729 https://www.drupal.org/project/drupal/releases/9.2.15 https://www.drupal.org/project/drupal/releases/9.3.8 CVE-2022-0337 https://download3.operacdn.com/pub/opera/desktop/84.0.4316.42/win/Opera_84.0.4316.42_Setup_x64.exe CVE-2022-0337 https://files02.tchspt.com/temp/MicrosoftEdgeSetup.exe Vendor CVEs Patch Link CVE-2022-0971 CVE-2022-0972 CVE-2022-0973 CVE-2022-0974 CVE-2022-0975 CVE-2022-0976 CVE-2022-0977 CVE-2022-0978 CVE-2022-0979 CVE-2022-0980 CVE-2022-0337 https://www.google.com/intl/en/chrome/?standalone=1 CVE-2022-0778 https://github.com/openssl/openssl/commit/a466912611aa6cbdf550cd10601390e587451246 https://github.com/openssl/openssl/commit/3118eb64934499d93db3230748a452351d1d9a65 CVE-2022- 25636 https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/snapshot/nf-b1a5983f56e371046dcf164f90bfaf704d2b89f6.tar.gz CVE-2021-22986 https://support.f5.com/csp/article/K03009991 CVE-2018-13379 https://www.fortiguard.com/psirt/FG-IR-18-384 CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 https://www.isc.org/bind/ Active Actors: Icon Name Origin Motive Exotic Lily Unknown Ecrime UAC-0056 (SaintBear, UNC2589, TA471) Russia Information theft Pandora Ransomware Gang Unknown Ecrime, Information theft, and Financial gain Lockbit 2.0 Unknown Financial gain Sandworm Team (ELECTRUM, Telebots, IRON VIKING, BlackEnergy (Group), Quedagh, VOODOO BEAR) Russia Sabotage anddestruction Targeted Location: Targeted Sectors: Common TTPs: TA0042: Resource Development TA0001: Initial Access TA0002: Execution TA0003: Persistence TA0004: Privilege Escalation TA0005: Defense Evasion TA0006: Credential Access T1587: Develop Capabilities T1190: Exploit Public-Facing Application T1059: Command and Scripting Interpreter T1547: Boot or Logon Autostart Execution T1547: Boot or Logon Autostart Execution T1562: Impair Defenses T1557: Adversary-in-the-Middle T1587.001: Malware T1133: External Remote Services T1059.007: JavaScript T1547.001: Registry Run Keys / Startup Folder T1547.001: Registry Run Keys / Startup Folder T1562.004: Disable or Modify System Firewall T1110: Brute Force T1588: Obtain Capabilities T1566: Phishing T1059.004: Unix Shell T1037: Boot or Logon Initialization Scripts T1037: Boot or Logon Initialization Scripts T1070: Indicator Removal on Host T1110.001: Password Guessing T1588.006: Vulnerabilities T1566.001: Spearphishing Attachment T1059.003: Windows Command Shell T1037.004: RC Scripts T1037.004: RC Scripts T1070.004: File Deletion T1056: Input Capture T1078: Valid Accounts T1203: Exploitation for Client Execution T1133: External Remote Services T1068: Exploitation for Privilege Escalation T1036: Masquerading T1056.004: Credential API Hooking T1204: User Execution T1556: Modify Authentication Process T1055: Process Injection T1036.005: Match Legitimate Name or Location T1556: Modify Authentication Process T1204.002: Malicious File T1137: Office Application Startup T1078: Valid Accounts T1556: Modify Authentication Process T1003: OS Credential Dumping T1047: Windows Management Instrumentation T1542: Pre-OS Boot T1112: Modify Registry T1003.003: NTDS T1542.001: System Firmware T1027: Obfuscated Files or Information T1137: Office Application Startup T1027.006: HTML Smuggling T1137.001: Office Template Macros T1027.002: Software Packing T1078: Valid Accounts T1542: Pre-OS Boot T1542.001: System Firmware T1055: Process Injection T1078: Valid Accounts T1497: Virtualization/Sandbox Evasion TA0007: Discovery TA0008: Lateral Movement TA0009: Collection TA0011: Command and Control TA0010: Exfiltration TA0040: Impact T1087: Account Discovery T1021: Remote Services T1557: Adversary-in-the-Middle T1071: Application Layer Protocol T1041: Exfiltration Over C2 Channel T1485: Data Destruction T1083: File and Directory Discovery T1021.001: Remote Desktop Protocol T1560: Archive Collected Data T1071.001: Web Protocols T1567: Exfiltration Over Web Service T1486: Data Encrypted for Impact T1057: Process Discovery T1021.002: SMB/Windows Admin Shares T1560.001: Archive via Utility T1132: Data Encoding T1567.002: Exfiltration to Cloud Storage T1565: Data Manipulation T1012: Query Registry T1056: Input Capture T1132.002: Non-Standard Encoding T1499: Endpoint Denial of Service T1018: Remote System Discovery T1056.004: Credential API Hooking T1573: Encrypted Channel T1499.004: Application or System Exploitation T1518: Software Discovery T1573.002: Asymmetric Cryptography T1490: Inhibit System Recovery T1082: System Information Discovery T1008: Fallback Channels T1498: Network Denial of Service T1497: Virtualization/Sandbox Evasion T1105: Ingress Tool Transfer T1498.001: Direct Network Flood T1571: Non-Standard Port T1090: Proxy T1090.003: Multi-hop Proxy Threat Advisories: Pandora Ransomware Targets Multiple Plants around the Globe LockBit 2.0 Ransomware affiliates targeting Renowned Organizations Sandworm Team using a new modular malware Cyclops Blink Environment Variables Leak affect Multiple browsers Major Content Management Systems affected by Multiple vulnerabilities New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware group Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability Russian threat actor UAC-0056 targets European countries Multiple Google Chrome Vulnerabilities affects all Platforms Attackers could gain root access using vulnerability in Linux Kernel Netfilter Firewall OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop Attackers Escape Kubernetes Containers using \u201ccr8escape\u201d Vulnerability in CRI-O Russia under Attack from New RURansom Wiper", "published": "2022-03-23T04:17:40", "modified": "2022-03-23T04:17:40", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.hivepro.com/weekly-threat-digest-14-20-march-2022/", "reporter": "Hive Pro", "references": [], "cvelist": ["CVE-2018-13379", "CVE-2021-20083", "CVE-2021-22986", "CVE-2021-25220", "CVE-2021-40444", "CVE-2022-0337", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667", "CVE-2022-0778", "CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-24728", "CVE-2022-24729"], "immutableFields": [], "lastseen": "2022-03-23T09:28:58", "viewCount": 68, "enchantments": {"score": {"value": 0.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["BIND_ADVISORY21.ASC", "OPENSSL_ADVISORY35.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2022:1065", "ALSA-2022:5326"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-25220", "ALPINE:CVE-2022-0396"]}, {"type": "altlinux", "idList": ["2E3004A50A511D456BFC8F01DA1B9584", "462FD49112FE85163EF025EFB6E6CCFC", "4636D2B913915197381B9E5A8DFDA814", "8424D3136714C1E148DF8A2DC177DA9E", "A53966B4C9ED4C2C9B5D5AAE3C9142B6", "B5D2AC342D5901F5AF1CC0E7DD43E6F2", "B85C8F73B16A47F96ABD5E5F7F645891", "DC52777AA2FD41A330B63B883159C7F5"]}, {"type": "amazon", "idList": ["ALAS-2022-1575", "ALAS2-2022-1766"]}, {"type": "apple", "idList": ["APPLE:63CA0F4232480C58A7826938831F5D5B", "APPLE:9A4969F10DDA950938D09FB74CC40FF8", "APPLE:E82A2A3D978FD519CBF58A36F587B070"]}, {"type": "archlinux", "idList": ["ASA-202204-5"]}, {"type": "attackerkb", "idList": ["AKB:1FA9A53C-0452-4411-96C9-C0DD833F8D18", "AKB:35B88369-C440-49C0-98FF-C50E258FB32C", "AKB:91756851-9B25-4801-B911-E3226A0656B5", "AKB:930A50FF-16A2-4EA8-91C8-71360A643E5E", "AKB:B54A15A1-8D06-4902-83F9-DC10E40FA81A", "AKB:F7CCD0B7-220B-49E5-A4DF-27E26B64A3F0"]}, {"type": "avleonov", "idList": ["AVLEONOV:44DF3C4B3D05A7DC39FB6314F5D94892", "AVLEONOV:5945665DFA613F7707360C10CED8C916"]}, {"type": "centos", "idList": ["CESA-2022:1066"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-1187", "CPAI-2021-0198", "CPAI-2021-0554", "CPAI-2022-0088"]}, {"type": "checkpoint_security", "idList": ["CPS:SK178411", "CPS:SK179649"]}, {"type": "chrome", "idList": ["GCSA-3758141203538733592", "GCSA-7849219922267498677"]}, {"type": "cisa", "idList": ["CISA:1602F24139E2AB029448E5489B3B6427", "CISA:24BBE0D109CEB29CF9FC28CEA2AD0CFF", "CISA:A55091A825D08BAA55750010D4193771", "CISA:C70D91615E3DC8B589B493118D474566", "CISA:E46D6B22DC3B3F8B062C07BD8EA4CB7C", "CISA:FE8DC06D4609CF6B91DE778FC96E4ECD"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:451456E80A3A64E506E6D4333659CD7B", "CFOUNDRY:70F6C83FE70C685FC734A73A63029F17", "CFOUNDRY:FD0F51D81CC7E6A50C1B195DBA004E18"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1647550273", "CLSA-2022:1649331579"]}, {"type": "cve", "idList": ["CVE-2018-13379", "CVE-2021-20083", "CVE-2021-22986", "CVE-2021-25220", "CVE-2021-40444", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667", "CVE-2022-0778", "CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-24728", "CVE-2022-24729"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2952-1:7651B", "DEBIAN:DLA-2953-1:551CB", "DEBIAN:DLA-2955-1:40374", "DEBIAN:DLA-2955-2:CDB18", "DEBIAN:DSA-5103-1:C47DD", "DEBIAN:DSA-5104-1:FCFAF", "DEBIAN:DSA-5105-1:A867B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-25220", "DEBIANCVE:CVE-2022-0396", "DEBIANCVE:CVE-2022-0635", "DEBIANCVE:CVE-2022-0667", "DEBIANCVE:CVE-2022-0778", "DEBIANCVE:CVE-2022-0971", "DEBIANCVE:CVE-2022-0972", "DEBIANCVE:CVE-2022-0973", "DEBIANCVE:CVE-2022-0974", "DEBIANCVE:CVE-2022-0975", "DEBIANCVE:CVE-2022-0976", "DEBIANCVE:CVE-2022-0977", "DEBIANCVE:CVE-2022-0978", "DEBIANCVE:CVE-2022-0979", "DEBIANCVE:CVE-2022-0980", "DEBIANCVE:CVE-2022-24728", "DEBIANCVE:CVE-2022-24729"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CORE-2022-005"]}, {"type": "dsquare", "idList": ["E-691"]}, {"type": "exploitdb", "idList": ["EDB-ID:47287", "EDB-ID:47288", "EDB-ID:49738"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6EF33E509C6C5002F8E81022F84C01B5", "EXPLOITPACK:E222442D181419B052AACE6DA4BC8485"]}, {"type": "f5", "idList": ["F5:K01369521", "F5:K11271225", "F5:K31323265", "F5:K56105136", "F5:K56142644", "F5:K74151369", "F5:K78285929"]}, {"type": "fedora", "idList": ["FEDORA:085C131A217A", "FEDORA:104BC30B6E6A", "FEDORA:520863093B6E", "FEDORA:81628313BD04", "FEDORA:9A9A730B7020", "FEDORA:9AC8330F8FAC", "FEDORA:9B072317D001", "FEDORA:A92C6304CAE7", "FEDORA:B95F63083D20", "FEDORA:BDD7F30B703F", "FEDORA:C1528310660B", "FEDORA:DABA7306C66B", "FEDORA:EC9B83099EF7", "FEDORA:F1803313B7CC"]}, {"type": "fortinet", "idList": ["FG-IR-18-384", "FG-IR-20-233", "FG-IR-22-059"]}, {"type": "freebsd", "idList": ["857BE71A-A4B0-11EC-95FC-3065EC8FD3EC", "ADD683BE-BD76-11EC-A06F-D4C9EF517024", "EA05C456-A4FD-11EC-90DE-1C697AA5A594"]}, {"type": "github", "idList": ["GHSA-4FC4-4P5G-6W89", "GHSA-X3MH-JVJW-3XWX"]}, {"type": "githubexploit", "idList": ["08530E98-10F4-5651-8118-F76E99D5856F", "0990FE6E-7DC3-559E-9B84-E739872B988C", "0C866B2A-86E3-5C5A-AA62-622683A9A0DA", "0D0DAF60-4F3C-5B17-8BAB-5A8A73BC25CC", "0E388E09-F00E-58B6-BEFE-026913357CE0", "0E965070-1EAE-59AA-86E6-41ADEFDAED7D", "111C9F44-593D-5E56-8040-615B48ED3E24", "215EF040-369B-5FBF-A9F5-F81833E29553", "24DE1902-4427-5442-BF63-7657293966E2", "28B1FAAB-984F-5469-BC0D-3861F3BCF3B5", "29AB2E6A-3E44-55A2-801D-2971FABB2E5D", "2DA0FD9C-9E20-5C51-A357-EB46391407F7", "37D2BE4F-9D7A-51CD-B802-2FAB35B39A4E", "48FD5EC4-10B3-5CB3-96C6-4D70E2A52EEF", "4E7397B3-57E1-5961-BE00-E340DD46B130", "588C33E5-7CDF-5EC7-9294-74B308DC6535", "588DA6EE-E603-5CF2-A9A3-47E98F68926C", "67F9A7F6-596E-5695-BCBF-B11FE476AD9E", "6BC80C90-569E-5084-8C0E-891F12F1805E", "72881C31-5BFD-5DAF-9D20-D6170EEC520D", "7333A285-768C-5AD9-B64E-0EC75F075597", "7643EC22-CCD0-56A6-9113-B5EF435E22FC", "7DE60C34-40B8-50E4-B1A0-FC1D10F97677", "820B842E-17F3-5249-AA71-076C88FB6F94", "88EFCA30-5DED-59FB-A476-A92F53D1497E", "8B907536-B213-590D-81B9-32CF4A55322E", "8CD90173-6341-5FAD-942A-A9617561026A", "91A5A7DD-3544-5856-890C-F8D738DAC6F4", "9366C7C7-BF57-5CFF-A1B5-8D8CF169E72A", "9E6B39D2-4F46-5C9D-81B9-32A2C96CBAD8", "AAFEAA7E-81B7-5CE7-9E2F-16828CC5468F", "B7D137AD-216F-5D27-9D7B-6F3B5EEB266D", "B96958C0-96FF-52FF-A4B1-CE6F774F0C6F", "B9C2639D-9C07-5F11-B663-C144F457A9F7", "BF090D08-5787-5245-85E4-88DA87E8EC1D", "CC6DFDC6-184F-5748-A9EC-946E8BA5FB04", "CCA69DF0-1EB2-5F30-BEC9-04ED43F42EA5", "DD5D2BF7-BE9D-59EA-8DF2-D85AEC13A4A0", "E06577DB-A581-55E1-968E-81430C294A84", "F5CEF191-B04C-5FC5-82D1-3B728EC648A9", "F6F649DA-905A-5158-B6BD-5A1F1F740C68", "FBB2DA29-1A11-5D78-A28C-1BF3821613AC", "FF761088-559C-5E71-A5CD-196D4E4571B8"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:3B4F7E79DDCD0AFF3B9BB86429182DCA", "GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"]}, {"type": "hivepro", "idList": ["HIVEPRO:1825C4046C6054693C41D7D5DFD7BA10", "HIVEPRO:9C6CEB2A89436A8E8258183E6D6830FB", "HIVEPRO:D96F886304BCBB7550726C207C2FE66E", "HIVEPRO:E57DA2FED4B890B898EFA2B68C657043", "HIVEPRO:E8FD3A77E9767CCAEFD160DF64A486A3", "HIVEPRO:FD730BCAD086DD8C995242D13B38EBC8"]}, {"type": "ibm", "idList": ["022A2D60DD1C4A293CF52F8F73A53B3FC2E53AEC5EA7FFEDF9C4763EF2B5B80A", "091D253C3C5F4EDDB1A7482046BA793909C45D2702BF1CCF8D674C8DF0ACEA59", "0D85E5287523B83245752DC2E09287130E098DCDD6446DA2E1DF6BC26D74E767", "102DE7B07E2C763A08E3117F8BAFADC95832E666C453110C7D4275D703394EF5", "14108283F9157C4F2A38313CFBD3F47CFDC207CBE84809E04B7E197DA546B8D3", "19E6F6BF59A10C956F5C8D810D4B516674147E88F5FC3EC5B22031456700CB08", "1D375703477B8434B33880D4C2BC54C4F52207A530C550AD113F53DC33F805E9", "28AF07FA415EFB4C0600E47198E77EFE267BF4907EB58703528CAAFC4FB07FDE", "364F8FB9BA353F400B4546D33999F70FA4F7E3F35D42B5932DC73C08163112D3", "3D44B41FEB67A37C1F1602DF3E14EAB1A680D6DE2E68AAD59DBA34352E7EEAF6", "4395DB4E66F99889DAFD2A4877F5DD63D932E1BAF718AD9DFD8050BE89AE7B39", "4C10A98BEE68D0B96F2823756EDF99AFABFD6558C7AACA794EB853BCFD69F5B6", "4D418072EF70FC6F139FDB28385D743AB06B7D59DAB60157E90FE2A5B7A7252A", "5F4A0C2884928132058FB1F6A2A491E93E6AD59F7652C09398215C3B1702DA1D", "6137CA688C891413F0689149C983EA31FBA87F4C104EEF74658D6F747C2CE707", "6276DBA59ED42176EC7E2927F0A75BDBAC09FF340317BE665F741C4CDC851A7B", "677B50D118494C17178E83DB6E0C50351EE6636792748E40043E3B9FBFAD274E", "6CAE2D44529EB3ACB88F1CD69BAC17D0CEAF1019A014DB789505665B46AF09B8", "742165674E677DC9026C3F2D2245AFC118A59A752987D90E7AA7D17B911AC473", "7DE31DC20B322964CB6C48106E631D9D14B3967BD45EF2F7D2C8FA587E1AB212", "8107BB155AFB4DEF24A8F7E9A5B84FB121DF87688100C00C435732A2636A741D", "8BA9843CD049A6B3B2568D750B3B848AF7F394867B3914172C3057506982747A", "94578790186F82FB4CA8CF47D896821629E95BE4B528A7A545C9950614CA8636", "9571CC4C328FC49BDE460E3DDB8089A16540E8193A13ACAE69B87BCD550C3EF1", "98283CFA95F6BF8734797F60CE0F1633CDE2F2CFE8B1C29D35562086E63F1486", "9BDA6E33706D0CA5C43FCD01EF51E48EB25CD2D133A018AEDB2FE563EC3BD7DC", "9C01855DE792DB516073FE7D57766225D3D1F4F50386D124FC6880AE615E0F6A", "A5D273C4869530B1BDDB415E45BEC7D916490C3278ABAC423D76AA509827EAA0", "A654DFD6FE6FCF2884AC0707849B43D4C36CBD6723597614360CB1EFD332EC39", "C0C635C3D1BDFFF4279719843730FED33753DFD9A52C5B43AE4A48433A539739", "C815D5BA0527F8CF454767B7D16A6B819AF9B998FAC3AFC2A63E79F6A57AD83A", "CA6E62CB32AA91296638D9DAB5072711CB69A35615F7FC69D8B55BD25BE71F67", "CD40DD149C78115FC5E14131A8469B7F2D7DDB0549913613CBD15A792ECBBE37", "CE17FB486A383FDA7CA58E6E9EBC670CBD8C99F75AB7AAF454F6CC73755CB8C6", "CEF374057D7807F5D35968E4C55414081A5A0BD61843509DA73FCFE986EFFD24", "DDD4AB992BDFCF47B1C63583774DFCACB217D68082641AA2E66EEFE336297568", "F022B1455D4614E425E2D78BC02FFB6A7F2D5B177BF3F93F521E8EFBA5BEE1DE", "F117DBDFED6B212106F9E2337E83226A94DDA2D7BE2380A5E5AACD18D954EB5B", "F3F852CA57F1D635AD9D70D1C461917BDB89BE30E041807BC8773FD8BCD92529", "FC67824EDEA7266EC4ACC4A9FF987D99A6B7A246B5DEA115F33425EDCEE6D155"]}, {"type": "ics", "idList": ["ICSA-22-132-02", "ICSA-22-167-14"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:3D5A9B1B55D73BE6810D0DB036F8B83F"]}, {"type": "kaspersky", "idList": ["KLA12277", "KLA12278", "KLA12490"]}, {"type": "kitploit", "idList": ["KITPLOIT:119877528847056004", "KITPLOIT:1244156083583318186", "KITPLOIT:1624142243530526923", "KITPLOIT:2590785192528609562", "KITPLOIT:2686676167278919598", "KITPLOIT:2722328714476257207", "KITPLOIT:3456474172768099634", "KITPLOIT:3532211766929466258", "KITPLOIT:3697667464193804316", "KITPLOIT:4033244480100620751", "KITPLOIT:4074521293617632933", "KITPLOIT:4425790137948714912", "KITPLOIT:5187040326820919368", "KITPLOIT:5230148353750207837", "KITPLOIT:5376485594298165648", "KITPLOIT:5397133847150975825", "KITPLOIT:5563730483162396602", "KITPLOIT:5829195600312197311", "KITPLOIT:6516544912632048506", "KITPLOIT:698315176468431184", "KITPLOIT:7070039119688478663", "KITPLOIT:763105754466120590", "KITPLOIT:816704453339226193", "KITPLOIT:942518396640901655", "KITPLOIT:965198862441671998"]}, {"type": "krebs", "idList": ["KREBS:2EC42B845847A6DCFE50ECEB9FF61C29", "KREBS:409088FC2DFC219B74043104C2B672CC"]}, {"type": "mageia", "idList": ["MGASA-2022-0043", "MGASA-2022-0107", "MGASA-2022-0108", "MGASA-2022-0113"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1476491C6EB2E7829EC63A183A35CE8B", "MALWAREBYTES:76333D1F0FCAFD79FA2EDD4A4CAFBB38", "MALWAREBYTES:801E20618F96EF51F9E60F7BC7906C2B", "MALWAREBYTES:80B21E934B1C43C7071F039FE9512208", "MALWAREBYTES:BAB94968DD1EC37DA6F977226977DAF5", "MALWAREBYTES:DB54B348AF1AC41987150B5CE7B1BC66", "MALWAREBYTES:F1563A57212EB7AEC347075E94FF1605", "MALWAREBYTES:FC8647475CCD473D01B5C0257286E101"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-HTTP-F5_ICONTROL_REST_SSRF_RCE-", "MSF:EXPLOIT-WINDOWS-FILEFORMAT-WORD_MSHTML_RCE-"]}, {"type": "mmpc", "idList": ["MMPC:27EEFD67E5E7E712750B1472E15C5A0B", "MMPC:795E0A765679492C51FEFA2B19EAD597", "MMPC:A2F131E46442125176E4853C860A816C", "MMPC:C0F4687B18D53FB9596AD4FDF77092D8"]}, {"type": "mscve", "idList": ["MS:CVE-2021-40444", "MS:CVE-2022-0971", "MS:CVE-2022-0972", "MS:CVE-2022-0973", "MS:CVE-2022-0974", "MS:CVE-2022-0975", "MS:CVE-2022-0976", "MS:CVE-2022-0977", "MS:CVE-2022-0978", "MS:CVE-2022-0979", "MS:CVE-2022-0980"]}, {"type": "mskb", "idList": ["KB5005563"]}, {"type": "mssecure", "idList": ["MSSECURE:27EEFD67E5E7E712750B1472E15C5A0B", "MSSECURE:795E0A765679492C51FEFA2B19EAD597", "MSSECURE:A2F131E46442125176E4853C860A816C", "MSSECURE:C0F4687B18D53FB9596AD4FDF77092D8"]}, {"type": "nessus", "idList": ["701394.PASL", "AL2_ALAS-2022-1766.NASL", "AL2_ALASNITRO-ENCLAVES-2022-018.NASL", "ALA_ALAS-2022-1575.NASL", "ALMA_LINUX_ALSA-2022-5326.NASL", "BIND9_9181.NASL", "BIND9_CVE-2021-25220.NASL", "BIND9_CVE-2022-0396.NASL", "BIND9_CVE-2022-0667.NASL", "CENTOS_RHSA-2022-1066.NASL", "DEBIAN_DLA-2952.NASL", "DEBIAN_DLA-2953.NASL", "DEBIAN_DLA-2955.NASL", "DEBIAN_DSA-5103.NASL", "DEBIAN_DSA-5104.NASL", "DEBIAN_DSA-5105.NASL", "DELL_WYSE_MANAGEMENT_SUITE_DSA-2022-098.NASL", "DRUPAL_9_3_8.NASL", "EULEROS_SA-2022-1545.NASL", "EULEROS_SA-2022-1546.NASL", "EULEROS_SA-2022-1547.NASL", "EULEROS_SA-2022-1559.NASL", "EULEROS_SA-2022-1578.NASL", "EULEROS_SA-2022-1753.NASL", "EULEROS_SA-2022-1754.NASL", "EULEROS_SA-2022-1783.NASL", "EULEROS_SA-2022-1795.NASL", "EULEROS_SA-2022-1800.NASL", "EULEROS_SA-2022-1812.NASL", "EULEROS_SA-2022-1833.NASL", "EULEROS_SA-2022-1849.NASL", "EULEROS_SA-2022-1853.NASL", "EULEROS_SA-2022-1857.NASL", "EULEROS_SA-2022-1873.NASL", "EULEROS_SA-2022-1877.NASL", "EULEROS_SA-2022-1922.NASL", "EULEROS_SA-2022-2019.NASL", "EULEROS_SA-2022-2032.NASL", "EULEROS_SA-2022-2047.NASL", "EULEROS_SA-2022-2060.NASL", "EULEROS_SA-2022-2176.NASL", "EULEROS_SA-2022-2186.NASL", "EULEROS_SA-2022-2190.NASL", "EULEROS_SA-2022-2195.NASL", "EULEROS_SA-2022-2205.NASL", "EULEROS_SA-2022-2209.NASL", "F5_BIGIP_SOL03009991.NASL", "F5_BIGIP_SOL31323265.NASL", "F5_CVE-2021-22986.NBIN", "FORTIOS_FG-IR-18-384.NASL", "FORTIOS_FG-IR-18-384_DIRECT.NASL", "FREEBSD_PKG_857BE71AA4B011EC95FC3065EC8FD3EC.NASL", "FREEBSD_PKG_EA05C456A4FD11EC90DE1C697AA5A594.NASL", "GOOGLE_CHROME_97_0_4692_71.NASL", "GOOGLE_CHROME_99_0_4844_74.NASL", "MACOSX_FORTIOS_FG-IR-18-384.NASL", "MACOSX_GOOGLE_CHROME_97_0_4692_71.NASL", "MACOSX_GOOGLE_CHROME_99_0_4844_74.NASL", "MACOS_HT213255.NASL", "MACOS_HT213256.NASL", "MACOS_HT213257.NASL", "MARIADB_10_2_42.NASL", "MARIADB_10_3_33.NASL", "MARIADB_10_4_23.NASL", "MARIADB_10_5_14.NASL", "MARIADB_10_6_6.NASL", "MARIADB_10_7_2.NASL", "MICROSOFT_EDGE_CHROMIUM_99_0_1150_46.NASL", "MYSQL_5_7_38.NASL", "MYSQL_8_0_29.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_30.NASL", "NESSUS_TNS_2022_06.NASL", "NNM_6_0_1.NASL", "OPENSSL_1_0_2ZD.NASL", "OPENSSL_1_1_1N.NASL", "OPENSSL_3_0_2.NASL", "OPENSUSE-2022-0085-1.NASL", "OPENSUSE-2022-0856-1.NASL", "OPENSUSE-2022-0945-1.NASL", "OPENSUSE-2022-0946-1.NASL", "ORACLELINUX_ELSA-2022-1065.NASL", "ORACLELINUX_ELSA-2022-1066.NASL", "ORACLELINUX_ELSA-2022-4899.NASL", "ORACLELINUX_ELSA-2022-5326.NASL", "ORACLELINUX_ELSA-2022-9224.NASL", "ORACLELINUX_ELSA-2022-9225.NASL", "ORACLELINUX_ELSA-2022-9233.NASL", "ORACLELINUX_ELSA-2022-9237.NASL", "ORACLELINUX_ELSA-2022-9243.NASL", "ORACLELINUX_ELSA-2022-9246.NASL", "ORACLELINUX_ELSA-2022-9249.NASL", "ORACLELINUX_ELSA-2022-9255.NASL", "ORACLELINUX_ELSA-2022-9258.NASL", "ORACLELINUX_ELSA-2022-9272.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_APR_2022.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_29.NASL", "ORACLE_RDBMS_CPU_JUL_2022.NASL", "PALO_ALTO_CVE-2022-0778.NASL", "REDHAT-RHSA-2022-1065.NASL", "REDHAT-RHSA-2022-1066.NASL", "REDHAT-RHSA-2022-1071.NASL", "REDHAT-RHSA-2022-1073.NASL", "REDHAT-RHSA-2022-1076.NASL", "REDHAT-RHSA-2022-1077.NASL", "REDHAT-RHSA-2022-1078.NASL", "REDHAT-RHSA-2022-1082.NASL", "REDHAT-RHSA-2022-1091.NASL", "REDHAT-RHSA-2022-1112.NASL", "REDHAT-RHSA-2022-1263.NASL", "REDHAT-RHSA-2022-1389.NASL", "REDHAT-RHSA-2022-1519.NASL", "REDHAT-RHSA-2022-4896.NASL", "REDHAT-RHSA-2022-4899.NASL", "REDHAT-RHSA-2022-5326.NASL", "ROCKY_LINUX_RLSA-2022-1065.NASL", "SECURITYCENTER_5_21_0_TNS_2022_04_1.NASL", "SLACKWARE_SSA_2022-076-01.NASL", "SLACKWARE_SSA_2022-076-02.NASL", "SLACKWARE_SSA_2022-080-01.NASL", "SMB_NT_MS21_IE_SEPT_2021.NASL", "SMB_NT_MS21_SEP_5005565.NASL", "SMB_NT_MS21_SEP_5005566.NASL", "SMB_NT_MS21_SEP_5005568.NASL", "SMB_NT_MS21_SEP_5005569.NASL", "SMB_NT_MS21_SEP_5005573.NASL", "SMB_NT_MS21_SEP_5005613.NASL", "SMB_NT_MS21_SEP_INTERNET_EXPLORER.NASL", "SUSE_SU-2022-0851-1.NASL", "SUSE_SU-2022-0853-1.NASL", "SUSE_SU-2022-0854-1.NASL", "SUSE_SU-2022-0856-1.NASL", "SUSE_SU-2022-0857-1.NASL", "SUSE_SU-2022-0859-1.NASL", "SUSE_SU-2022-0860-1.NASL", "SUSE_SU-2022-0908-1.NASL", "SUSE_SU-2022-0935-1.NASL", "SUSE_SU-2022-0945-1.NASL", "SUSE_SU-2022-0946-1.NASL", "SUSE_SU-2022-1459-1.NASL", "SUSE_SU-2022-1461-1.NASL", "SUSE_SU-2022-1462-1.NASL", "SUSE_SU-2022-14915-1.NASL", "SUSE_SU-2022-14916-1.NASL", "SUSE_SU-2022-1616-1.NASL", "TENABLE_NESSUS_AGENT_TNS-2022-07.NASL", "UBUNTU_USN-5328-1.NASL", "UBUNTU_USN-5328-2.NASL", "UBUNTU_USN-5332-1.NASL", "UBUNTU_USN-5332-2.NASL", "WEB_APPLICATION_SCANNING_112719", "WEB_APPLICATION_SCANNING_113204", "WEB_APPLICATION_SCANNING_113206"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2022-0778"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2022", "ORACLE:CPUJUL2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-1065", "ELSA-2022-1066", "ELSA-2022-5326", "ELSA-2022-9224", "ELSA-2022-9225", "ELSA-2022-9233", "ELSA-2022-9237", "ELSA-2022-9243", "ELSA-2022-9246", "ELSA-2022-9249", "ELSA-2022-9255", "ELSA-2022-9258", "ELSA-2022-9272"]}, {"type": "osv", "idList": ["OSV:DLA-2952-1", "OSV:DLA-2953-1", "OSV:DLA-2955-1", "OSV:DSA-5103-1", "OSV:DSA-5104-1", "OSV:DSA-5105-1", "OSV:GHSA-4FC4-4P5G-6W89", "OSV:GHSA-X3MH-JVJW-3XWX", "OSV:RUSTSEC-2022-0014"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154146", "PACKETSTORM:154147", "PACKETSTORM:162059", "PACKETSTORM:162066", "PACKETSTORM:165214", "PACKETSTORM:167317"]}, {"type": "paloalto", "idList": ["PA-CVE-2022-0778"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:E6B48FF79C5D0D1E4DD360F6010F2A93"]}, {"type": "photon", "idList": ["PHSA-2022-0162", "PHSA-2022-0168", "PHSA-2022-0373", "PHSA-2022-0375", "PHSA-2022-0452", "PHSA-2022-0467", "PHSA-2022-0479"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:01C65083E501A6BAFB08FCDA1D561012", "QUALYSBLOG:282A52EA9B1F4C4F3F084197709217B0", "QUALYSBLOG:5576D16DC39617927D8AEFF027CC0911", "QUALYSBLOG:5A5094DBFA525D07EBC3EBA036CDF81A", "QUALYSBLOG:8DC9B53E981BBE193F6EC369D7FA85F8", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:5109AC30126DB59333F13ED32F7F4713", "RAPID7BLOG:5721EC0F74BC2FA3F661282E284C798A", "RAPID7BLOG:72759E1136A76135F26DD97485912606", "RAPID7BLOG:764CA6BDCBE5F8F001B5E508AE0659CC", "RAPID7BLOG:AE824D3989C792700A622C455D8EE160", "RAPID7BLOG:CC071AA6971D64B0F7A596B2BBD5F046"]}, {"type": "redhat", "idList": ["RHSA-2022:1065", "RHSA-2022:1066", "RHSA-2022:1071", "RHSA-2022:1073", "RHSA-2022:1076", "RHSA-2022:1077", "RHSA-2022:1078", "RHSA-2022:1082", "RHSA-2022:1091", "RHSA-2022:1112", "RHSA-2022:1263", "RHSA-2022:1356", "RHSA-2022:1357", "RHSA-2022:1363", "RHSA-2022:1370", "RHSA-2022:1389", "RHSA-2022:1390", "RHSA-2022:1396", "RHSA-2022:1476", "RHSA-2022:1519", "RHSA-2022:1520", "RHSA-2022:1622", "RHSA-2022:1734", "RHSA-2022:1739", "RHSA-2022:1747", "RHSA-2022:2216", "RHSA-2022:2217", "RHSA-2022:2218", "RHSA-2022:4668", "RHSA-2022:4690", "RHSA-2022:4896", "RHSA-2022:4899", "RHSA-2022:4956", "RHSA-2022:5132", "RHSA-2022:5326", "RHSA-2022:5840", "RHSA-2022:5924"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-25220", "RH:CVE-2022-0396", "RH:CVE-2022-0635", "RH:CVE-2022-0667", "RH:CVE-2022-0778", "RH:CVE-2022-0973"]}, {"type": "rocky", "idList": ["RLSA-2022:1065"]}, {"type": "rustsec", "idList": ["RUSTSEC-2022-0014"]}, {"type": "securelist", "idList": ["SECURELIST:11665FFD7075FB9D59316195101DE894", "SECURELIST:29152837444B2A7E5A9B9FCB107DAB36", "SECURELIST:63306FA6D056BD9A04969409AC790D84", "SECURELIST:86368EF0EA7DAA3D2AB20E0597A62656", "SECURELIST:C50F1C7ECAFB8BD5FDEDAA29493B81A6", "SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "seebug", "idList": ["SSV:99156"]}, {"type": "slackware", "idList": ["SSA-2022-076-01", "SSA-2022-076-02", "SSA-2022-080-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0085-1", "OPENSUSE-SU-2022:0856-1", "OPENSUSE-SU-2022:0945-1", "OPENSUSE-SU-2022:0946-1", "SUSE-SU-2022:1461-1", "SUSE-SU-2022:1462-1"]}, {"type": "thn", "idList": ["THN:1ED1BB1B7B192353E154FB0B02F314F4", "THN:3266EB2F73FA4A955845C8FEBA4E73C5", "THN:3E9680853FA3A677106A8ED8B7AACBE6", "THN:461B7AEC7D12A32B4ED085F0EA213502", "THN:4959B86491B72239BCAF1958D167D57D", "THN:4CD6AEBFF705DD178769DA927390CFFD", "THN:4E80D9371FAC9B29044F9D8F732A3AD5", "THN:59AE75C78D4644BFA6AD90225B3DE0C1", "THN:67ECC712AB360F5A56F2434CDBF6B51F", "THN:80D2DBC4130D9FF314BDC4C19EB5CD4E", "THN:8198C407B889F0B459BC5B078A2D620C", "THN:8483C1B45A5D7BF5D501DE72F5898935", "THN:8A60310AB796B7372A105B7C8811306B", "THN:8BA951AD00E17C72D6321234DBF80D19", "THN:91A2A296EF8B6FD5CD8B904690E810E8", "THN:959FD46A8D71CA9DDAEDD6516113CE3E", "THN:9994A9D5CFB76851BB74C8AD52F3DBBE", "THN:B878F356832352DE3255B00CFB12A5B7", "THN:B95DC27A89565323F0F8E6350D24D801", "THN:BD014635C5F702379060A20290985162", "THN:C3B82BB0558CF33CFDC326E596AF69C4", "THN:C4188C7A44467E425407D33067C14094", "THN:D31DB501A57ADE0C1DBD12724D8CA44C", "THN:D4E86BD8938D3B2E15104CA4922A51F8", "THN:E7762183A6F7B3DDB942D3F1F99748F6", "THN:EAEDDF531EB90375B350E1580DE3DD02", "THN:F25FAD25E15EBBE4934883ABF480294D", "THN:F35E41E26872B23A7F620C6D8F7E2334", "THN:FBDAEC0555EDC3089DC0966D121E0BCE", "THN:FCBB400B24C7B24CD6B5136FA8BE38D3"]}, {"type": "threatpost", "idList": ["THREATPOST:1D03F5885684829E899CEE4F63F5AC27", "THREATPOST:1FB73160B6AAB2B0406816BB6A61E4CB", "THREATPOST:2018FCCB3FFD46BACD36ADBC6C9013CE", "THREATPOST:2DFBDDFFE3121143D95705C4EA525C7A", "THREATPOST:2E607CF584AE6639AC690F7F0CE8C648", "THREATPOST:35A43D6CB9FAF8966F5C0D20045D1166", "THREATPOST:3C3F20C93519036CC712D1CA3A6D7C48", "THREATPOST:3CC83DBBAFE2642F4E6D533DDC400BF6", "THREATPOST:4C8D995307A845304CF691725B2352A2", "THREATPOST:4C9E0FFA5C914E395A66D2DC65B16649", "THREATPOST:604B67FD6EFB0E72DDD87DF07C8F456D", "THREATPOST:62DC935BF4DB4EF8A4F1E83519B1D5CD", "THREATPOST:6D61C560E85ECD0A7A35C55E74849510", "THREATPOST:71C45E867DCD99278A38088B59938B48", "THREATPOST:8A56F3FFA956FB0BB2BB4CE451C3532C", "THREATPOST:A98C64CB9BDDE55F51C984B749753904", "THREATPOST:B2FEDF3EA50507F526C77105093E8977", "THREATPOST:BC4ECD6616ADCCFFD5717D0A9A0D065B", "THREATPOST:BE0B5E93BD5FBBCB893FDDFE5348FDE9"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:E0C479F55DF4C53A47CA2170110555AE", "TRENDMICROBLOG:E17B66F8728189778826A0F497A540F2"]}, {"type": "ubuntu", "idList": ["USN-5328-1", "USN-5328-2", "USN-5332-1", "USN-5332-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-25220", "UB:CVE-2022-0396", "UB:CVE-2022-0635", "UB:CVE-2022-0667", "UB:CVE-2022-0778", "UB:CVE-2022-0971", "UB:CVE-2022-0972", "UB:CVE-2022-0973", "UB:CVE-2022-0974", "UB:CVE-2022-0975", "UB:CVE-2022-0976", "UB:CVE-2022-0977", "UB:CVE-2022-0978", "UB:CVE-2022-0979", "UB:CVE-2022-0980", "UB:CVE-2022-24728", "UB:CVE-2022-24729"]}, {"type": "veracode", "idList": ["VERACODE:30166", "VERACODE:34716", "VERACODE:34722", "VERACODE:34723", "VERACODE:34740", "VERACODE:34749", "VERACODE:34811", "VERACODE:34812", "VERACODE:34813", "VERACODE:34814", "VERACODE:34815", "VERACODE:34816", "VERACODE:34817", "VERACODE:34818", "VERACODE:34819", "VERACODE:34820", "VERACODE:34821", "VERACODE:34822"]}, {"type": "wordfence", "idList": ["WORDFENCE:13D94F58F9B2F4F6E97E33E774515FE1"]}, {"type": "zdt", "idList": ["1337DAY-ID-33133", "1337DAY-ID-33134", "1337DAY-ID-36066", "1337DAY-ID-36067", "1337DAY-ID-37126", "1337DAY-ID-37488"]}]}, "epss": [{"cve": "CVE-2018-13379", "epss": "0.974950000", "percentile": "0.999510000", "modified": "2023-03-19"}, {"cve": "CVE-2021-20083", "epss": "0.009310000", "percentile": "0.806170000", "modified": "2023-03-19"}, {"cve": "CVE-2021-22986", "epss": "0.975150000", "percentile": "0.999680000", "modified": "2023-03-19"}, {"cve": "CVE-2021-25220", "epss": "0.001880000", "percentile": "0.546450000", "modified": "2023-03-19"}, {"cve": "CVE-2021-40444", "epss": "0.966120000", "percentile": "0.993310000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0337", "epss": "0.000970000", "percentile": "0.389530000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0396", "epss": "0.000710000", "percentile": "0.289780000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0635", "epss": "0.000530000", "percentile": "0.189860000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0667", "epss": "0.000530000", "percentile": "0.189860000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0778", "epss": "0.021980000", "percentile": "0.876710000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0971", "epss": "0.000840000", "percentile": "0.339760000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0972", "epss": "0.000590000", "percentile": "0.228000000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0973", "epss": "0.000820000", "percentile": "0.332130000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0974", "epss": "0.000840000", "percentile": "0.339760000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0975", "epss": "0.000840000", "percentile": "0.339760000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0976", "epss": "0.000840000", "percentile": "0.340010000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0977", "epss": "0.000820000", "percentile": "0.332130000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0978", "epss": "0.000840000", "percentile": "0.339760000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0979", "epss": "0.000840000", "percentile": "0.339760000", "modified": "2023-03-19"}, {"cve": "CVE-2022-0980", "epss": "0.000590000", "percentile": "0.228000000", "modified": "2023-03-19"}, {"cve": "CVE-2022-24728", "epss": "0.001050000", "percentile": "0.414090000", "modified": "2023-03-19"}, {"cve": "CVE-2022-24729", "epss": "0.000880000", "percentile": "0.358850000", "modified": "2023-03-19"}], "vulnersScore": 0.3}, "_state": {"score": 1698844884, "dependencies": 1660032824, "epss": 1679286968}, "_internal": {"score_hash": "6f3c4b5f49a387f6d95c1c4ec5ca99e3"}}
{"nessus": [{"lastseen": "2023-11-07T16:26:42", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 857be71a-a4b0-11ec-95fc-3065ec8fd3ec advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-16T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (857be71a-a4b0-11ec-95fc-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_857BE71AA4B011EC95FC3065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/158983", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158983);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (857be71a-a4b0-11ec-95fc-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 857be71a-a4b0-11ec-95fc-3065ec8fd3ec advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n # https://vuxml.freebsd.org/freebsd/857be71a-a4b0-11ec-95fc-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8701a948\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<98.0.4844.74'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:27", "description": "The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.74 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_99_0_4844_74.NASL", "href": "https://www.tenable.com/plugins/nessus/158936", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158936);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.74 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.74. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1301320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1297498\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1296866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302157\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.74 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'99.0.4844.74', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:27", "description": "The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.74 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_99_0_4844_74.NASL", "href": "https://www.tenable.com/plugins/nessus/158935", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158935);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.74 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.74. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1301320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1297498\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1296866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302157\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.74 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'99.0.4844.74', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:09", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0085-1 advisory.\n\n - Use after free in Blink Layout. (CVE-2022-0971)\n\n - Use after free in Extensions. (CVE-2022-0972)\n\n - Use after free in Safe Browsing. (CVE-2022-0973, CVE-2022-0979)\n\n - : Use after free in Splitscreen. (CVE-2022-0974)\n\n - Use after free in ANGLE. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU. (CVE-2022-0976)\n\n - Use after free in Browser UI. (CVE-2022-0977)\n\n - Use after free in New Tab Page. (CVE-2022-0980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0085-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0085-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159078", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0085-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159078);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0085-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0085-1 advisory.\n\n - Use after free in Blink Layout. (CVE-2022-0971)\n\n - Use after free in Extensions. (CVE-2022-0972)\n\n - Use after free in Safe Browsing. (CVE-2022-0973, CVE-2022-0979)\n\n - : Use after free in Splitscreen. (CVE-2022-0974)\n\n - Use after free in ANGLE. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU. (CVE-2022-0976)\n\n - Use after free in Browser UI. (CVE-2022-0977)\n\n - Use after free in New Tab Page. (CVE-2022-0980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197163\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4Z4LLOJXXGP4GXUSNG4BEUSYEPI3FBAL/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef39fd6c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0980\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-99.0.4844.74-bp153.2.69.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-99.0.4844.74-bp153.2.69.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.74-bp153.2.69.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.74-bp153.2.69.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:31", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5104 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-5104-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5104.NASL", "href": "https://www.tenable.com/plugins/nessus/159112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5104. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159112);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n\n script_name(english:\"Debian DSA-5104-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5104 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 99.0.4844.74-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '99.0.4844.74-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:25:09", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.46. It is, therefore, affected by multiple vulnerabilities as referenced in the March 17, 2022 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-17T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 99.0.1150.46 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-26899"], "modified": "2023-11-06T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_99_0_1150_46.NASL", "href": "https://www.tenable.com/plugins/nessus/159037", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159037);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\",\n \"CVE-2022-26899\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0544-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 99.0.1150.46 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.46. It is, therefore, affected\nby multiple vulnerabilities as referenced in the March 17, 2022 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#march-17-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cc84aae\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 99.0.1150.46 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '99.0.1150.46' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:48", "description": "The version of bind installed on the remote host is prior to 9.11.37 / 9.18.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-076-01 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. (CVE-2022-0635)\n\n - When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 (CVE-2022-0667)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-18T00:00:00", "type": "nessus", "title": "Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current bind Multiple Vulnerabilities (SSA:2022-076-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2022-12-12T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-076-01.NASL", "href": "https://www.tenable.com/plugins/nessus/159052", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-076-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159052);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/12\");\n\n script_cve_id(\n \"CVE-2021-25220\",\n \"CVE-2022-0396\",\n \"CVE-2022-0635\",\n \"CVE-2022-0667\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current bind Multiple Vulnerabilities (SSA:2022-076-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to bind.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of bind installed on the remote host is prior to 9.11.37 / 9.18.1. It is, therefore, affected by multiple\nvulnerabilities as referenced in the SSA:2022-076-01 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries,\n the named process will eventually terminate due to a failed assertion check. (CVE-2022-0635)\n\n - When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 (CVE-2022-0667)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'i486' },\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'i486' },\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'x86_64' },\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'i586' },\n { 'fixed_version' : '9.11.37', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'x86_64' },\n { 'fixed_version' : '9.18.1', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i586' },\n { 'fixed_version' : '9.18.1', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '9.18.1', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '9.18.1', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:25:10", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities.\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds. (CVE-2022-24729)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0.\n The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds. (CVE-2022-24728)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-16T00:00:00", "type": "nessus", "title": "Drupal 9.2.x < 9.2.15 / 9.3.x < 9.3.8 Multiple Vulnerabilities (drupal-2022-03-16)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-24728", "CVE-2022-24729"], "modified": "2023-11-06T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_9_3_8.NASL", "href": "https://www.tenable.com/plugins/nessus/158982", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158982);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\"CVE-2022-24728\", \"CVE-2022-24729\");\n script_xref(name:\"IAVA\", value:\"2022-A-0123-S\");\n\n script_name(english:\"Drupal 9.2.x < 9.2.15 / 9.3.x < 9.3.8 Multiple Vulnerabilities (drupal-2022-03-16)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15\nor 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities.\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0\n contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input\n validator regular expression, which can cause a significant performance drop resulting in a browser tab\n freeze. A patch is available in version 4.18.0. There are currently no known workarounds. (CVE-2022-24729)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered\n in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0.\n The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could\n result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently\n no known workarounds. (CVE-2022-24728)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2022-005\");\n # https://ckeditor.com/blog/ckeditor-4.18.0-browser-bugfix-and-security-patches/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?526d7751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ckeditor/ckeditor4\");\n # https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-4fc4-4p5g-6w89\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?773fe8cd\");\n # https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?742ef187\");\n # https://www.drupal.org/docs/contributed-modules/webform/webform-libraries\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63de4ace\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/9.2.15\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/9.3.8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/psa-2011-002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/psa-2021-06-29\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/steward\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 9.2.15 / 9.3.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-24728\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/16\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar port = get_http_port(default:80, php:TRUE);\n\nvar app_info = vcf::get_app_info(app:'Drupal', port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nvar constraints = [\n { 'min_version' : '9.2', 'fixed_version' : '9.2.15' },\n { 'min_version' : '9.3', 'fixed_version' : '9.3.8' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:18", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG editing:\n\n - A vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. (CVE-2022-24728)\n\n - A vulnerability has been discovered in CKEditor 4 dialog plugin. The vulnerability allowed to abuse a dialog input validator regular expression, which could cause a significant performance drop resulting in a browser tab freeze. (CVE-2022-24729)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-18T00:00:00", "type": "nessus", "title": "Drupal 9.2.x < 9.2.15 Third-Party Library Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-24728", "CVE-2022-24729"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113204", "href": "https://www.tenable.com/plugins/was/113204", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:16", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG editing:\n\n - A vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. (CVE-2022-24728)\n\n - A vulnerability has been discovered in CKEditor 4 dialog plugin. The vulnerability allowed to abuse a dialog input validator regular expression, which could cause a significant performance drop resulting in a browser tab freeze. (CVE-2022-24729)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-18T00:00:00", "type": "nessus", "title": "Drupal 9.3.x < 9.3.8 Third-Party Library Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-24728", "CVE-2022-24729"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113206", "href": "https://www.tenable.com/plugins/was/113206", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:43", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7643 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : bind9.16 (ELSA-2022-7643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:bind9.16", "p-cpe:/a:oracle:linux:bind9.16-chroot", "p-cpe:/a:oracle:linux:bind9.16-devel", "p-cpe:/a:oracle:linux:bind9.16-dnssec-utils", "p-cpe:/a:oracle:linux:bind9.16-doc", "p-cpe:/a:oracle:linux:bind9.16-libs", "p-cpe:/a:oracle:linux:bind9.16-license", "p-cpe:/a:oracle:linux:bind9.16-utils", "p-cpe:/a:oracle:linux:python3-bind9.16"], "id": "ORACLELINUX_ELSA-2022-7643.NASL", "href": "https://www.tenable.com/plugins/nessus/167573", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-7643.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167573);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n\n script_name(english:\"Oracle Linux 8 : bind9.16 (ELSA-2022-7643)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-7643 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-7643.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind9.16-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-bind9.16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-doc-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-license-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9.16 / bind9.16-chroot / bind9.16-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:41", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7643 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : bind9.16 (ALSA-2022:7643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:alma:linux:bind9.16", "p-cpe:/a:alma:linux:bind9.16-chroot", "p-cpe:/a:alma:linux:bind9.16-devel", "p-cpe:/a:alma:linux:bind9.16-dnssec-utils", "p-cpe:/a:alma:linux:bind9.16-doc", "p-cpe:/a:alma:linux:bind9.16-libs", "p-cpe:/a:alma:linux:bind9.16-license", "p-cpe:/a:alma:linux:bind9.16-utils", "p-cpe:/a:alma:linux:python3-bind9.16", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream", "cpe:/o:alma:linux:8::powertools"], "id": "ALMA_LINUX_ALSA-2022-7643.NASL", "href": "https://www.tenable.com/plugins/nessus/167314", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:7643.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167314);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"ALSA\", value:\"2022:7643\");\n\n script_name(english:\"AlmaLinux 8 : bind9.16 (ALSA-2022:7643)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:7643 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-7643.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(404, 444, 459);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind9.16-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::powertools\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-doc-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-license-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9.16 / bind9.16-chroot / bind9.16-devel / bind9.16-dnssec-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:38:06", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-166 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-05T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-166)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bind", "p-cpe:/a:amazon:linux:bind-chroot", "p-cpe:/a:amazon:linux:bind-debuginfo", "p-cpe:/a:amazon:linux:bind-debugsource", "p-cpe:/a:amazon:linux:bind-devel", "p-cpe:/a:amazon:linux:bind-dlz-filesystem", "p-cpe:/a:amazon:linux:bind-dlz-filesystem-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-ldap", "p-cpe:/a:amazon:linux:bind-dlz-ldap-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-mysql", "p-cpe:/a:amazon:linux:bind-dlz-mysql-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-sqlite3", "p-cpe:/a:amazon:linux:bind-dlz-sqlite3-debuginfo", "p-cpe:/a:amazon:linux:bind-dnssec-doc", "p-cpe:/a:amazon:linux:bind-dnssec-utils", "p-cpe:/a:amazon:linux:bind-dnssec-utils-debuginfo", "p-cpe:/a:amazon:linux:bind-doc", "p-cpe:/a:amazon:linux:bind-libs", "p-cpe:/a:amazon:linux:bind-libs-debuginfo", "p-cpe:/a:amazon:linux:bind-license", "p-cpe:/a:amazon:linux:bind-pkcs11", "p-cpe:/a:amazon:linux:bind-pkcs11-debuginfo", "p-cpe:/a:amazon:linux:bind-pkcs11-devel", "p-cpe:/a:amazon:linux:bind-pkcs11-libs", "p-cpe:/a:amazon:linux:bind-pkcs11-libs-debuginfo", "p-cpe:/a:amazon:linux:bind-pkcs11-utils", "p-cpe:/a:amazon:linux:bind-pkcs11-utils-debuginfo", "p-cpe:/a:amazon:linux:bind-utils", "p-cpe:/a:amazon:linux:bind-utils-debuginfo", "p-cpe:/a:amazon:linux:python3-bind", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-166.NASL", "href": "https://www.tenable.com/plugins/nessus/167020", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-166.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167020);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-166)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-166 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-166.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-25220.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0396.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update bind --releasever=2022.0.20221102' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-filesystem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'bind-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-doc-9.16.27-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-doc-9.16.27-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-license-9.16.27-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-bind-9.16.27-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:30", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5105 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-5105-1 : bind9 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-12-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bind9", "p-cpe:/a:debian:debian_linux:bind9-dev", "p-cpe:/a:debian:debian_linux:bind9-dnsutils", "p-cpe:/a:debian:debian_linux:bind9-doc", "p-cpe:/a:debian:debian_linux:bind9-host", "p-cpe:/a:debian:debian_linux:bind9-libs", "p-cpe:/a:debian:debian_linux:bind9-utils", "p-cpe:/a:debian:debian_linux:bind9utils", "p-cpe:/a:debian:debian_linux:dnsutils", "p-cpe:/a:debian:debian_linux:libbind-dev", "p-cpe:/a:debian:debian_linux:libbind-export-dev", "p-cpe:/a:debian:debian_linux:libbind9-161", "p-cpe:/a:debian:debian_linux:libdns-export1104", "p-cpe:/a:debian:debian_linux:libdns1104", "p-cpe:/a:debian:debian_linux:libirs-export161", "p-cpe:/a:debian:debian_linux:libirs161", "p-cpe:/a:debian:debian_linux:libisc-export1100", "p-cpe:/a:debian:debian_linux:libisc1100", "p-cpe:/a:debian:debian_linux:libisccc-export161", "p-cpe:/a:debian:debian_linux:libisccc161", "p-cpe:/a:debian:debian_linux:libisccfg-export163", "p-cpe:/a:debian:debian_linux:libisccfg163", "p-cpe:/a:debian:debian_linux:liblwres161", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5105.NASL", "href": "https://www.tenable.com/plugins/nessus/159109", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5105. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159109);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/12\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Debian DSA-5105-1 : bind9 - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5105 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/bind9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-25220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/bind9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/bind9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the bind9 packages.\n\nFor the stable distribution (bullseye), this problem has been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbind-export-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbind9-161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdns-export1104\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdns1104\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libirs-export161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libirs161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisc-export1100\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisc1100\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccc-export161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccc161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccfg-export163\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccfg163\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblwres161\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'bind9', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-dev', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-dnsutils', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-doc', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-host', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-libs', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9-utils', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'bind9utils', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'dnsutils', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libbind-dev', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libbind-export-dev', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libbind9-161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libdns-export1104', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libdns1104', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libirs-export161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libirs161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisc-export1100', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisc1100', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisccc-export161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisccc161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisccfg-export163', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'libisccfg163', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '10.0', 'prefix': 'liblwres161', 'reference': '1:9.11.5.P4+dfsg-5.1+deb10u7'},\n {'release': '11.0', 'prefix': 'bind9', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-dev', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-dnsutils', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-doc', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-host', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-libs', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9-utils', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'bind9utils', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'dnsutils', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libbind-dev', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libbind-export-dev', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libbind9-161', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libdns-export1104', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libdns1104', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libirs-export161', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libirs161', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisc-export1100', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisc1100', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisccc-export161', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisccc161', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisccfg-export163', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'libisccfg163', 'reference': '1:9.16.27-1~deb11u1'},\n {'release': '11.0', 'prefix': 'liblwres161', 'reference': '1:9.16.27-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9 / bind9-dev / bind9-dnsutils / bind9-doc / bind9-host / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-18T14:46:15", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5332-1 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-18T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Bind vulnerabilities (USN-5332-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:bind9", "p-cpe:/a:canonical:ubuntu_linux:bind9-dnsutils", "p-cpe:/a:canonical:ubuntu_linux:bind9-host", "p-cpe:/a:canonical:ubuntu_linux:bind9-libs", "p-cpe:/a:canonical:ubuntu_linux:bind9-utils", "p-cpe:/a:canonical:ubuntu_linux:bind9utils", "p-cpe:/a:canonical:ubuntu_linux:dnsutils", "p-cpe:/a:canonical:ubuntu_linux:libbind-dev", "p-cpe:/a:canonical:ubuntu_linux:libbind-export-dev", "p-cpe:/a:canonical:ubuntu_linux:libbind9-160", "p-cpe:/a:canonical:ubuntu_linux:libdns-export1100", "p-cpe:/a:canonical:ubuntu_linux:libdns1100", "p-cpe:/a:canonical:ubuntu_linux:libirs-export160", "p-cpe:/a:canonical:ubuntu_linux:libirs160", "p-cpe:/a:canonical:ubuntu_linux:libisc-export169", "p-cpe:/a:canonical:ubuntu_linux:libisc169", "p-cpe:/a:canonical:ubuntu_linux:libisccc-export160", "p-cpe:/a:canonical:ubuntu_linux:libisccc160", "p-cpe:/a:canonical:ubuntu_linux:libisccfg-export160", "p-cpe:/a:canonical:ubuntu_linux:libisccfg160", "p-cpe:/a:canonical:ubuntu_linux:liblwres160"], "id": "UBUNTU_USN-5332-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159059", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5332-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159059);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"USN\", value:\"5332-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Bind vulnerabilities (USN-5332-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5332-1 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5332-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-export-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns-export1100\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns1100\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libirs-export160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libirs160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc-export169\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc169\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc-export160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg-export160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres160\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'bind9', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'bind9-host', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'bind9utils', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'dnsutils', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libbind-dev', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libbind-export-dev', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libbind9-160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libdns-export1100', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libdns1100', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libirs-export160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libirs160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisc-export169', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisc169', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisccc-export160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisccc160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisccfg-export160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'libisccfg160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '18.04', 'pkgname': 'liblwres160', 'pkgver': '1:9.11.3+dfsg-1ubuntu1.17'},\n {'osver': '20.04', 'pkgname': 'bind9', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'bind9-dnsutils', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'bind9-host', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'bind9-libs', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'bind9-utils', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'bind9utils', 'pkgver': '1:9.16.1-0ubuntu2.10'},\n {'osver': '20.04', 'pkgname': 'dnsutils', 'pkgver': '1:9.16.1-0ubuntu2.10'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9 / bind9-dnsutils / bind9-host / bind9-libs / bind9-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T21:02:25", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7643 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-17T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : bind9.16 (RLSA-2022:7643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bind9.16", "p-cpe:/a:rocky:linux:bind9.16-chroot", "p-cpe:/a:rocky:linux:bind9.16-debuginfo", "p-cpe:/a:rocky:linux:bind9.16-debugsource", "p-cpe:/a:rocky:linux:bind9.16-devel", "p-cpe:/a:rocky:linux:bind9.16-dnssec-utils", "p-cpe:/a:rocky:linux:bind9.16-dnssec-utils-debuginfo", "p-cpe:/a:rocky:linux:bind9.16-doc", "p-cpe:/a:rocky:linux:bind9.16-libs", "p-cpe:/a:rocky:linux:bind9.16-libs-debuginfo", "p-cpe:/a:rocky:linux:bind9.16-license", "p-cpe:/a:rocky:linux:bind9.16-utils", "p-cpe:/a:rocky:linux:bind9.16-utils-debuginfo", "p-cpe:/a:rocky:linux:python3-bind9.16", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-7643.NASL", "href": "https://www.tenable.com/plugins/nessus/167806", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:7643.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167806);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"RLSA\", value:\"2022:7643\");\n\n script_name(english:\"Rocky Linux 8 : bind9.16 (RLSA-2022:7643)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:7643 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2128601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:7643\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-dnssec-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind9.16-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-debuginfo-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-debuginfo-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-debuginfo-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-debugsource-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-debugsource-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-doc-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-debuginfo-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-debuginfo-9.16.23-0.9.el8.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-debuginfo-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-license-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-debuginfo-9.16.23-0.9.el8.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-debuginfo-9.16.23-0.9.el8.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9.16 / bind9.16-chroot / bind9.16-debuginfo / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:35", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-010 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2023-010)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-03-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bind", "p-cpe:/a:amazon:linux:bind-chroot", "p-cpe:/a:amazon:linux:bind-debuginfo", "p-cpe:/a:amazon:linux:bind-debugsource", "p-cpe:/a:amazon:linux:bind-devel", "p-cpe:/a:amazon:linux:bind-dlz-filesystem", "p-cpe:/a:amazon:linux:bind-dlz-filesystem-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-ldap", "p-cpe:/a:amazon:linux:bind-dlz-ldap-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-mysql", "p-cpe:/a:amazon:linux:bind-dlz-mysql-debuginfo", "p-cpe:/a:amazon:linux:bind-dlz-sqlite3", "p-cpe:/a:amazon:linux:bind-dlz-sqlite3-debuginfo", "p-cpe:/a:amazon:linux:bind-dnssec-doc", "p-cpe:/a:amazon:linux:bind-dnssec-utils", "p-cpe:/a:amazon:linux:bind-dnssec-utils-debuginfo", "p-cpe:/a:amazon:linux:bind-doc", "p-cpe:/a:amazon:linux:bind-libs", "p-cpe:/a:amazon:linux:bind-libs-debuginfo", "p-cpe:/a:amazon:linux:bind-license", "p-cpe:/a:amazon:linux:bind-pkcs11", "p-cpe:/a:amazon:linux:bind-pkcs11-debuginfo", "p-cpe:/a:amazon:linux:bind-pkcs11-devel", "p-cpe:/a:amazon:linux:bind-pkcs11-libs", "p-cpe:/a:amazon:linux:bind-pkcs11-libs-debuginfo", "p-cpe:/a:amazon:linux:bind-pkcs11-utils", "p-cpe:/a:amazon:linux:bind-pkcs11-utils-debuginfo", "p-cpe:/a:amazon:linux:bind-utils", "p-cpe:/a:amazon:linux:bind-utils-debuginfo", "p-cpe:/a:amazon:linux:python3-bind", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-010.NASL", "href": "https://www.tenable.com/plugins/nessus/173114", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-010.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173114);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/27\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2023-010)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-010 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-25220.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0396.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update bind --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-filesystem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dlz-sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-dnssec-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-pkcs11-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'bind-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-chroot-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-debugsource-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-devel-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-filesystem-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-ldap-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-mysql-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dlz-sqlite3-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-doc-9.16.27-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-doc-9.16.27-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-license-9.16.27-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-devel-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-libs-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-pkcs11-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bind-utils-debuginfo-9.16.27-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-bind-9.16.27-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:38:06", "description": "The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-22T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : bind (ELSA-2022-8068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-dnssec-doc", "p-cpe:/a:oracle:linux:bind-dnssec-utils", "p-cpe:/a:oracle:linux:bind-doc", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-license", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:python3-bind"], "id": "ORACLELINUX_ELSA-2022-8068.NASL", "href": "https://www.tenable.com/plugins/nessus/168106", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-8068.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168106);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Oracle Linux 9 : bind (ELSA-2022-8068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-8068.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-bind\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:34:58", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7643 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n - bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-08T00:00:00", "type": "nessus", "title": "RHEL 8 : bind9.16 (RHSA-2022:7643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:bind9.16", "p-cpe:/a:redhat:enterprise_linux:bind9.16-chroot", "p-cpe:/a:redhat:enterprise_linux:bind9.16-devel", "p-cpe:/a:redhat:enterprise_linux:bind9.16-dnssec-utils", "p-cpe:/a:redhat:enterprise_linux:bind9.16-doc", "p-cpe:/a:redhat:enterprise_linux:bind9.16-libs", "p-cpe:/a:redhat:enterprise_linux:bind9.16-license", "p-cpe:/a:redhat:enterprise_linux:bind9.16-utils", "p-cpe:/a:redhat:enterprise_linux:python3-bind9.16"], "id": "REDHAT-RHSA-2022-7643.NASL", "href": "https://www.tenable.com/plugins/nessus/167129", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7643. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167129);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"RHSA\", value:\"2022:7643\");\n\n script_name(english:\"RHEL 8 : bind9.16 (RHSA-2022:7643)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:7643 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n - bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-25220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064513\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(404, 444, 459);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind9.16-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-bind9.16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-chroot-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-devel-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-dnssec-utils-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-doc-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-libs-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-license-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind9.16-utils-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind9.16-9.16.23-0.9.el8.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9.16 / bind9.16-chroot / bind9.16-devel / bind9.16-dnssec-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-14T11:20:41", "description": "The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 9 : bind (RLSA-2022:8068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-11-14T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bind", "p-cpe:/a:rocky:linux:bind-chroot", "p-cpe:/a:rocky:linux:bind-debuginfo", "p-cpe:/a:rocky:linux:bind-debugsource", "p-cpe:/a:rocky:linux:bind-devel", "p-cpe:/a:rocky:linux:bind-libs", "p-cpe:/a:rocky:linux:bind-libs-debuginfo", "p-cpe:/a:rocky:linux:bind-license", "p-cpe:/a:rocky:linux:bind-utils", "p-cpe:/a:rocky:linux:bind-utils-debuginfo", "p-cpe:/a:rocky:linux:python3-bind", "cpe:/o:rocky:linux:9", "p-cpe:/a:rocky:linux:bind-dnssec-doc", "p-cpe:/a:rocky:linux:bind-dnssec-utils", "p-cpe:/a:rocky:linux:bind-dnssec-utils-debuginfo", "p-cpe:/a:rocky:linux:bind-doc"], "id": "ROCKY_LINUX_RLSA-2022-8068.NASL", "href": "https://www.tenable.com/plugins/nessus/184497", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:8068.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184497);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/14\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"RLSA\", value:\"2022:8068\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Rocky Linux 9 : bind (RLSA-2022:8068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:8068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2104863\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-dnssec-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:9\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 9.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-debuginfo-9.16.23-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-debuginfo / bind-debugsource / bind-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:31", "description": "The version of bind installed on the remote host is prior to 9.16.27. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-080-01 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "Slackware Linux 15.0 bind Multiple Vulnerabilities (SSA:2022-080-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-12-12T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-080-01.NASL", "href": "https://www.tenable.com/plugins/nessus/159115", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-080-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159115);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/12\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Slackware Linux 15.0 bind Multiple Vulnerabilities (SSA:2022-080-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to bind.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of bind installed on the remote host is prior to 9.16.27. It is, therefore, affected by multiple\nvulnerabilities as referenced in the SSA:2022-080-01 advisory.\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '9.16.27', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i586' },\n { 'fixed_version' : '9.16.27', 'product' : 'bind', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:57", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-19T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : bind (ALSA-2022:8068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:alma:linux:bind", "p-cpe:/a:alma:linux:bind-chroot", "p-cpe:/a:alma:linux:bind-devel", "p-cpe:/a:alma:linux:bind-dnssec-doc", "p-cpe:/a:alma:linux:bind-dnssec-utils", "p-cpe:/a:alma:linux:bind-doc", "p-cpe:/a:alma:linux:bind-libs", "p-cpe:/a:alma:linux:bind-license", "p-cpe:/a:alma:linux:bind-utils", "p-cpe:/a:alma:linux:python3-bind", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::crb"], "id": "ALMA_LINUX_ALSA-2022-8068.NASL", "href": "https://www.tenable.com/plugins/nessus/167984", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:8068.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167984);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"ALSA\", value:\"2022:8068\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"AlmaLinux 9 : bind (ALSA-2022:8068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:8068 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-8068.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(404, 444, 459);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::crb\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / bind-dnssec-doc / bind-dnssec-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:34:51", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8068 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n - bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "RHEL 9 : bind (RHSA-2022:8068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-dnssec-doc", "p-cpe:/a:redhat:enterprise_linux:bind-dnssec-utils", "p-cpe:/a:redhat:enterprise_linux:bind-doc", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-license", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:python3-bind"], "id": "REDHAT-RHSA-2022-8068.NASL", "href": "https://www.tenable.com/plugins/nessus/167605", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:8068. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167605);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n script_xref(name:\"RHSA\", value:\"2022:8068\");\n\n script_name(english:\"RHEL 9 : bind (RHSA-2022:8068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:8068 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n - bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-25220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:8068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064513\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(404, 444, 459);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-dnssec-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-dnssec-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-bind\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bind-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-doc-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-doc-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.16.23-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-dnssec-utils-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-doc-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.16.23-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / bind-dnssec-doc / bind-dnssec-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T10:40:44", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory.\n\n - In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. (CVE-2021-25219)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-10T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:2713-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25219", "CVE-2021-25220", "CVE-2022-0396"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-doc", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:python3-bind", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2713-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163993", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2713-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163993);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2021-25219\", \"CVE-2021-25220\", \"CVE-2022-0396\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2713-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0525-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:2713-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory.\n\n - In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 ->\n 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND\n 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing\n can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it\n possible for its internal data structures to grow almost infinitely, which may cause significant delays in\n client query processing. (CVE-2021-25219)\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\n - BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported\n Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT\n status for an indefinite period of time, even after the client has terminated the connection.\n (CVE-2022-0396)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192146\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-25219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-25220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0396\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011832.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2de6615c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind, bind-doc, bind-utils and / or python3-bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-doc-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-utils-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-utils-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'python3-bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'python3-bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-server-applications-release-15.4', 'sles-release-15.4']},\n {'reference':'bind-doc-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-server-applications-release-15.4', 'sles-release-15.4']},\n {'reference':'bind-utils-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'bind-utils-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'python3-bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'python3-bind-9.16.31-150400.5.6.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-doc / bind-utils / python3-bind');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T17:10:55", "description": "The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory.\n\n - CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0. (CVE-2021-41164)\n\n - CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0. (CVE-2021-41165)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0.\n The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds. (CVE-2022-24728)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds. (CVE-2022-24729)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-21T00:00:00", "type": "nessus", "title": "Fedora 36 : ckeditor (2022-b61dfd219b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41164", "CVE-2021-41165", "CVE-2022-24728", "CVE-2022-24729"], "modified": "2023-09-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "p-cpe:/a:fedoraproject:fedora:ckeditor"], "id": "FEDORA_2022-B61DFD219B.NASL", "href": "https://www.tenable.com/plugins/nessus/169023", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2022-b61dfd219b\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169023);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\n \"CVE-2021-41164\",\n \"CVE-2021-41165\",\n \"CVE-2022-24728\",\n \"CVE-2022-24729\"\n );\n script_xref(name:\"FEDORA\", value:\"2022-b61dfd219b\");\n\n script_name(english:\"Fedora 36 : ckeditor (2022-b61dfd219b)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2022-b61dfd219b advisory.\n\n - CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered\n in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The\n vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in\n executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has\n been recognized and patched. The fix will be available in version 4.17.0. (CVE-2021-41164)\n\n - CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered\n in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability\n allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing\n JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been\n recognized and patched. The fix will be available in version 4.17.0. (CVE-2021-41165)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered\n in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0.\n The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could\n result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently\n no known workarounds. (CVE-2022-24728)\n\n - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0\n contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input\n validator regular expression, which can cause a significant performance drop resulting in a browser tab\n freeze. A patch is available in version 4.18.0. There are currently no known workarounds. (CVE-2022-24729)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2022-b61dfd219b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ckeditor package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-24728\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ckeditor\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^36([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 36', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'ckeditor-4.20.0-1.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ckeditor');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-04T15:44:55", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K03009991 advisory.\n\n - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. (CVE-2021-22986)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : iControl REST unauthenticated remote command execution vulnerability (K03009991)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-22986"], "modified": "2023-11-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_domain_name_system", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL03009991.NASL", "href": "https://www.tenable.com/plugins/nessus/147626", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K03009991.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147626);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/02\");\n\n script_cve_id(\"CVE-2021-22986\");\n script_xref(name:\"IAVA\", value:\"2021-A-0127\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0017\");\n\n script_name(english:\"F5 Networks BIG-IP : iControl REST unauthenticated remote command execution vulnerability (K03009991)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 /\n16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K03009991 advisory.\n\n - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before\n 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the\n iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software\n versions which have reached End of Software Development (EoSD) are not evaluated. (CVE-2021-22986)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://my.f5.com/manage/s/article/K03009991\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K03009991.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-22986\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'F5 iControl REST Unauthenticated SSRF Token Generation RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_domain_name_system\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K03009991';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'AM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'AVR': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'DNS': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'LC': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.1','15.1.2.1','14.1.4','13.1.3.6','12.1.5.3'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-18T14:51:44", "description": "A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.", "cvss3": {}, "published": "2021-03-24T00:00:00", "type": "nessus", "title": "F5 BIG-IP RCE (CVE-2021-22986)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-22986"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/h:f5:big-ip"], "id": "F5_CVE-2021-22986.NBIN", "href": "https://www.tenable.com/plugins/nessus/148022", "sourceData": "Binary data f5_cve-2021-22986.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:43:04", "description": "The remote host is running a version of FortiOS 5.4.6 prior or equal to 5.4.12, 5.6.3 prior to 5.6.8 or 6.0.x prior to 6.0.5. It is, therefore, affected by a directory traversal vulnerability in the SSL VPN web portal, due to an improper limitation of a pathname to a restricted Directory. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to download arbitrary FortiOS system files.", "cvss3": {}, "published": "2019-06-14T00:00:00", "type": "nessus", "title": "Fortinet FortiOS 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13379"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:fortinet:fortios"], "id": "FORTIOS_FG-IR-18-384.NASL", "href": "https://www.tenable.com/plugins/nessus/125885", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125885);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2018-13379\");\n script_bugtraq_id(108693);\n script_xref(name:\"IAVA\", value:\"0001-A-0002-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-NCAS\", value:\"AA22-011A\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0020\");\n\n script_name(english:\"Fortinet FortiOS 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a directory traversal vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of FortiOS 5.4.6 prior or equal to 5.4.12, 5.6.3 prior to 5.6.8 or 6.0.x prior to\n6.0.5. It is, therefore, affected by a directory traversal vulnerability in the SSL VPN web portal, due to an improper\nlimitation of a pathname to a restricted Directory. An unauthenticated, remote attacker can exploit this, via a\nspecially crafted HTTP request, to download arbitrary FortiOS system files.\");\n # https://fortiguard.com/psirt/FG-IR-18-384\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fa8b8063\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Fortinet FortiOS version to 5.6.8, 6.0.5, 6.2.0 or later. Alternatively, apply one of the workarounds\noutlined in the linked advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-13379\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Fortinet FortiGate SSL VPN File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/14\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fortinet:fortios\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"fortinet_version.nbin\");\n script_require_keys(\"Host/Fortigate/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('vcf.inc');\ninclude('vcf_extras_fortios.inc');\n\napp_info = vcf::get_app_info(app:'FortiOS', kb_ver:'Host/Fortigate/version');\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvcf::fortios::verify_product_and_model(product_name:'FortiGate');\n\nconstraints = [\n { 'min_version' : '5.4.6', 'max_version' : '5.4.12', 'fixed_display' : '5.6.8, 6.0.5, 6.2.0 or later' },\n { 'min_version' : '5.6.3', 'fixed_version' : '5.6.8' },\n { 'min_version' : '6.0.0', 'fixed_version' : '6.0.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-01T16:04:11", "description": "The remote host is running a version of FortiOS 5.6.3 prior to 5.6.8 or 6.0.x prior to 6.0.5. It is, therefore, affected by a directory traversal vulnerability in the SSL VPN web portal, due to improper sanitization of path traversal characters in URLs. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to download arbitrary FortiOS system files.", "cvss3": {}, "published": "2019-09-06T00:00:00", "type": "nessus", "title": "Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13379"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:fortinet:fortios"], "id": "FORTIOS_FG-IR-18-384_DIRECT.NASL", "href": "https://www.tenable.com/plugins/nessus/128552", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128552);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2018-13379\");\n script_bugtraq_id(108693);\n script_xref(name:\"IAVA\", value:\"0001-A-0002-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-NCAS\", value:\"AA22-011A\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0020\");\n\n script_name(english:\"Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a directory traversal vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of FortiOS 5.6.3 prior to 5.6.8 or 6.0.x prior to 6.0.5. It is, therefore,\naffected by a directory traversal vulnerability in the SSL VPN web portal, due to improper sanitization of path \ntraversal characters in URLs. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP \nrequest, to download arbitrary FortiOS system files.\");\n # https://fortiguard.com/psirt/FG-IR-18-384\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fa8b8063\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Fortinet FortiOS version to 5.6.8, 6.0.5, 6.2.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-13379\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Fortinet FortiGate SSL VPN File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fortinet:fortios\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 443);\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('http.inc');\ninclude('spad_log_func.inc');\n\nport = get_http_port(default:443);\nurl = '/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession';\n\nresponse = http_send_recv3(\n method:'GET',\n item:url,\n port:port,\n exit_on_fail:TRUE\n);\n\nspad_log(message:'Request: \\n' + http_last_sent_request() + '\\n');\nspad_log(message:'Response: \\n' + join(response) + '\\n');\n\nif ('200 OK' >!< response[0] || response[2] !~ 'var fgt_lang =') audit(AUDIT_HOST_NOT, 'affected');\n\nreport =\n '\\nNessus was able exploit this issue using the following URL :\\n' +\n '\\n' + build_url(port:port, qs:url) + '\\n' +\n '\\nThe string representation of the response from the target host was: ' + '\\n' + obj_rep(response[2]) + '\\n'; \nsecurity_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:42:50", "description": "The plugin was deprecated due to checking hosts for FortiClient instead of FortiOS. Use fortios_FG-IR-18-384.nasl (plugin ID 125885) instead.", "cvss3": {}, "published": "2019-06-14T00:00:00", "type": "nessus", "title": "Fortinet FortiOS (Mac OS X) 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384) (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13379"], "modified": "2022-02-25T00:00:00", "cpe": ["cpe:/o:fortinet:fortios"], "id": "MACOSX_FORTIOS_FG-IR-18-384.NASL", "href": "https://www.tenable.com/plugins/nessus/125891", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2020/11/18. Deprecated by fortios_FG-IR-18-384.nasl\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125891);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/25\");\n\n script_cve_id(\"CVE-2018-13379\");\n script_bugtraq_id(108693);\n script_xref(name:\"IAVA\", value:\"0001-A-0002-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-NCAS\", value:\"AA22-011A\");\n\n script_name(english:\"Fortinet FortiOS (Mac OS X) 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384) (deprecated)\");\n script_summary(english:\"Checks the version of FortiOS.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"The plugin was deprecated due to checking hosts for FortiClient instead of FortiOS. Use fortios_FG-IR-18-384.nasl\n(plugin ID 125885) instead.\");\n # https://fortiguard.com/psirt/FG-IR-18-384\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fa8b8063\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-13379\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Fortinet FortiGate SSL VPN File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/14\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fortinet:fortios\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macos_forticlient_detect.nbin\");\n script_require_keys(\"installed_sw/FortiClient (macOS)\", \"Host/MacOSX/Version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\nexit(0, 'This plugin has been deprecated. Use fortios_FG-IR-18-384.nasl (plugin ID 125885) instead.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:39", "description": "The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : bind (ALSA-2022:7790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:alma:linux:bind", "p-cpe:/a:alma:linux:bind-chroot", "p-cpe:/a:alma:linux:bind-devel", "p-cpe:/a:alma:linux:bind-export-devel", "p-cpe:/a:alma:linux:bind-export-libs", "p-cpe:/a:alma:linux:bind-libs", "p-cpe:/a:alma:linux:bind-libs-lite", "p-cpe:/a:alma:linux:bind-license", "p-cpe:/a:alma:linux:bind-lite-devel", "p-cpe:/a:alma:linux:bind-pkcs11", "p-cpe:/a:alma:linux:bind-pkcs11-devel", "p-cpe:/a:alma:linux:bind-pkcs11-libs", "p-cpe:/a:alma:linux:bind-pkcs11-utils", "p-cpe:/a:alma:linux:bind-sdb", "p-cpe:/a:alma:linux:bind-sdb-chroot", "p-cpe:/a:alma:linux:bind-utils", "p-cpe:/a:alma:linux:python3-bind", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream", "cpe:/o:alma:linux:8::baseos"], "id": "ALMA_LINUX_ALSA-2022-7790.NASL", "href": "https://www.tenable.com/plugins/nessus/167306", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:7790.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167306);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"ALSA\", value:\"2022:7790\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"AlmaLinux 8 : bind (ALSA-2022:7790)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the\nALSA-2022:7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-7790.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::baseos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-chroot-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / bind-export-devel / bind-export-libs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:35:37", "description": "According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : bind (EulerOS-SA-2022-2545)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bind", "p-cpe:/a:huawei:euleros:bind-chroot", "p-cpe:/a:huawei:euleros:bind-export-devel", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-license", "p-cpe:/a:huawei:euleros:bind-pkcs11", "p-cpe:/a:huawei:euleros:bind-pkcs11-libs", "p-cpe:/a:huawei:euleros:bind-pkcs11-utils", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:python3-bind", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-2545.NASL", "href": "https://www.tenable.com/plugins/nessus/165935", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165935);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : bind (EulerOS-SA-2022-2545)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2545\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?83b01a30\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bind-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-chroot-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-export-devel-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-export-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-libs-lite-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-license-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-utils-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-utils-9.11.4-10.P2.h29.eulerosv2r8\",\n \"python3-bind-9.11.4-10.P2.h29.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:37", "description": "According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-22T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : bind (EulerOS-SA-2022-1922)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-12-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bind", "p-cpe:/a:huawei:euleros:bind-chroot", "p-cpe:/a:huawei:euleros:bind-export-devel", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-license", "p-cpe:/a:huawei:euleros:bind-pkcs11", "p-cpe:/a:huawei:euleros:bind-pkcs11-libs", "p-cpe:/a:huawei:euleros:bind-pkcs11-utils", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:python3-bind", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1922.NASL", "href": "https://www.tenable.com/plugins/nessus/162430", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162430);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/09\");\n\n script_cve_id(\"CVE-2021-25220\");\n\n script_name(english:\"EulerOS 2.0 SP8 : bind (EulerOS-SA-2022-1922)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1922\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc107a1c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bind-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-chroot-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-export-devel-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-export-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-libs-lite-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-license-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-libs-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-pkcs11-utils-9.11.4-10.P2.h29.eulerosv2r8\",\n \"bind-utils-9.11.4-10.P2.h29.eulerosv2r8\",\n \"python3-bind-9.11.4-10.P2.h29.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:53", "description": "According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : bind (EulerOS-SA-2022-1833)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-12-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bind", "p-cpe:/a:huawei:euleros:bind-chroot", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-pkcs11", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:python3-bind", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1833.NASL", "href": "https://www.tenable.com/plugins/nessus/162280", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162280);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/09\");\n\n script_cve_id(\"CVE-2021-25220\");\n\n script_name(english:\"EulerOS 2.0 SP9 : bind (EulerOS-SA-2022-1833)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1833\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?765ce3b1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bind-9.11.4-17.h16.eulerosv2r9\",\n \"bind-chroot-9.11.4-17.h16.eulerosv2r9\",\n \"bind-export-libs-9.11.4-17.h16.eulerosv2r9\",\n \"bind-libs-9.11.4-17.h16.eulerosv2r9\",\n \"bind-libs-lite-9.11.4-17.h16.eulerosv2r9\",\n \"bind-pkcs11-9.11.4-17.h16.eulerosv2r9\",\n \"bind-utils-9.11.4-17.h16.eulerosv2r9\",\n \"python3-bind-9.11.4-17.h16.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:34:51", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8385 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "RHEL 9 : dhcp (RHSA-2022:8385)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:dhcp-client", "p-cpe:/a:redhat:enterprise_linux:dhcp-common", "p-cpe:/a:redhat:enterprise_linux:dhcp-relay", "p-cpe:/a:redhat:enterprise_linux:dhcp-server", "cpe:/o:redhat:enterprise_linux:9"], "id": "REDHAT-RHSA-2022-8385.NASL", "href": "https://www.tenable.com/plugins/nessus/167567", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:8385. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167567);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"RHSA\", value:\"2022:8385\");\n\n script_name(english:\"RHEL 9 : dhcp (RHSA-2022:8385)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:8385 advisory.\n\n - bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-25220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:8385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064512\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-server\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'dhcp-client-4.4.2-17.b1.el9', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-common-4.4.2-17.b1.el9', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-relay-4.4.2-17.b1.el9', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-server-4.4.2-17.b1.el9', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'dhcp-client-4.4.2-17.b1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-common-4.4.2-17.b1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-relay-4.4.2-17.b1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'},\n {'reference':'dhcp-server-4.4.2-17.b1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'12'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dhcp-client / dhcp-common / dhcp-relay / dhcp-server');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:58:28", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0945-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-25T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:0945-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdns1605", "p-cpe:/a:novell:suse_linux:libirs-devel", "p-cpe:/a:novell:suse_linux:libirs1601", "p-cpe:/a:novell:suse_linux:libisc1606", "p-cpe:/a:novell:suse_linux:libisccc1600", "p-cpe:/a:novell:suse_linux:libisccfg1600", "p-cpe:/a:novell:suse_linux:libns1604", "p-cpe:/a:novell:suse_linux:python3-bind", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-chrootenv", "p-cpe:/a:novell:suse_linux:bind-devel", "p-cpe:/a:novell:suse_linux:bind-doc", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:libbind9-1600"], "id": "SUSE_SU-2022-0945-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159231", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0945-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159231);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0945-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:0945-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a\nvulnerability as referenced in the SUSE-SU-2022:0945-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-25220\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010511.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bf3b1da0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbind9-1600\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns1605\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libirs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libirs1601\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisc1606\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisccc1600\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisccfg1600\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libns1604\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-chrootenv-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-doc-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-utils-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-utils-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'python3-bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'python3-bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'bind-chrootenv-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-server-applications-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-chrootenv-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-server-applications-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-doc-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-server-applications-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-utils-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-utils-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-bind-9.16.6-150300.22.16.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'bind-chrootenv-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-server-applications-release-15.4', 'sles-release-15.4']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'bind-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libbind9-1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdns1605-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libirs-devel-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libirs1601-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisc1606-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisccc1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libisccfg1600-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libns1604-9.16.6-150300.22.16.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:17", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : bind (ELSA-2022-7790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-export-devel", "p-cpe:/a:oracle:linux:bind-export-libs", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-libs-lite", "p-cpe:/a:oracle:linux:bind-license", "p-cpe:/a:oracle:linux:bind-lite-devel", "p-cpe:/a:oracle:linux:bind-pkcs11", "p-cpe:/a:oracle:linux:bind-pkcs11-devel", "p-cpe:/a:oracle:linux:bind-pkcs11-libs", "p-cpe:/a:oracle:linux:bind-pkcs11-utils", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind-sdb-chroot", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:python3-bind"], "id": "ORACLELINUX_ELSA-2022-7790.NASL", "href": "https://www.tenable.com/plugins/nessus/167580", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-7790.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167580);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Oracle Linux 8 : bind (ELSA-2022-7790)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-7790.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-bind\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-chroot-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-chroot-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.11.36-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.11.36-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.11.36-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:53:30", "description": "The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5332-2 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-17T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM : Bind vulnerability (USN-5332-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-10-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:bind9", "p-cpe:/a:canonical:ubuntu_linux:bind9-host", "p-cpe:/a:canonical:ubuntu_linux:bind9utils", "p-cpe:/a:canonical:ubuntu_linux:dnsutils", "p-cpe:/a:canonical:ubuntu_linux:host", "p-cpe:/a:canonical:ubuntu_linux:libbind-dev", "p-cpe:/a:canonical:ubuntu_linux:libbind-export-dev", "p-cpe:/a:canonical:ubuntu_linux:libbind9-140", "p-cpe:/a:canonical:ubuntu_linux:libbind9-90", "p-cpe:/a:canonical:ubuntu_linux:libdns-export162", "p-cpe:/a:canonical:ubuntu_linux:libdns100", "p-cpe:/a:canonical:ubuntu_linux:libdns162", "p-cpe:/a:canonical:ubuntu_linux:libirs-export141", "p-cpe:/a:canonical:ubuntu_linux:libirs141", "p-cpe:/a:canonical:ubuntu_linux:libisc-export160", "p-cpe:/a:canonical:ubuntu_linux:libisc160", "p-cpe:/a:canonical:ubuntu_linux:libisc95", "p-cpe:/a:canonical:ubuntu_linux:libisccc-export140", "p-cpe:/a:canonical:ubuntu_linux:libisccc-export140-udeb", "p-cpe:/a:canonical:ubuntu_linux:libisccc140", "p-cpe:/a:canonical:ubuntu_linux:libisccc90", "p-cpe:/a:canonical:ubuntu_linux:libisccfg-export140", "p-cpe:/a:canonical:ubuntu_linux:libisccfg140", "p-cpe:/a:canonical:ubuntu_linux:libisccfg90", "p-cpe:/a:canonical:ubuntu_linux:liblwres141", "p-cpe:/a:canonical:ubuntu_linux:liblwres90", "p-cpe:/a:canonical:ubuntu_linux:lwresd"], "id": "UBUNTU_USN-5332-2.NASL", "href": "https://www.tenable.com/plugins/nessus/159020", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5332-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159020);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/23\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"USN\", value:\"5332-2\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"Ubuntu 16.04 ESM : Bind vulnerability (USN-5332-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the\nUSN-5332-2 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5332-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-export-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-140\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-90\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns-export162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns100\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libirs-export141\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libirs141\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc-export160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc160\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc-export140\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc-export140-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc140\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc90\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg-export140\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg140\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg90\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres141\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres90\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lwresd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'bind9', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'bind9-host', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'bind9utils', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'dnsutils', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'host', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libbind-dev', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libbind-export-dev', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libbind9-140', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libdns-export162', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libdns162', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libirs-export141', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libirs141', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisc-export160', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisc160', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisccc-export140', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisccc-export140-udeb', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisccc140', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisccfg-export140', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'libisccfg140', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'liblwres141', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'},\n {'osver': '16.04', 'pkgname': 'lwresd', 'pkgver': '1:9.10.3.dfsg.P4-8ubuntu1.19+esm2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind9 / bind9-host / bind9utils / dnsutils / host / libbind-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T11:19:16", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-17T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : bind (RLSA-2022:7790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bind", "p-cpe:/a:rocky:linux:bind-chroot", "p-cpe:/a:rocky:linux:bind-debuginfo", "p-cpe:/a:rocky:linux:bind-debugsource", "p-cpe:/a:rocky:linux:bind-devel", "p-cpe:/a:rocky:linux:bind-export-devel", "p-cpe:/a:rocky:linux:bind-export-libs", "p-cpe:/a:rocky:linux:bind-export-libs-debuginfo", "p-cpe:/a:rocky:linux:bind-libs", "p-cpe:/a:rocky:linux:bind-libs-debuginfo", "p-cpe:/a:rocky:linux:bind-libs-lite", "p-cpe:/a:rocky:linux:bind-libs-lite-debuginfo", "p-cpe:/a:rocky:linux:bind-license", "p-cpe:/a:rocky:linux:bind-lite-devel", "p-cpe:/a:rocky:linux:bind-pkcs11", "p-cpe:/a:rocky:linux:bind-pkcs11-debuginfo", "p-cpe:/a:rocky:linux:bind-pkcs11-devel", "p-cpe:/a:rocky:linux:bind-pkcs11-libs", "p-cpe:/a:rocky:linux:bind-pkcs11-libs-debuginfo", "p-cpe:/a:rocky:linux:bind-pkcs11-utils", "p-cpe:/a:rocky:linux:bind-pkcs11-utils-debuginfo", "p-cpe:/a:rocky:linux:bind-sdb", "p-cpe:/a:rocky:linux:bind-sdb-chroot", "p-cpe:/a:rocky:linux:bind-sdb-debuginfo", "p-cpe:/a:rocky:linux:bind-utils", "p-cpe:/a:rocky:linux:bind-utils-debuginfo", "p-cpe:/a:rocky:linux:python3-bind", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-7790.NASL", "href": "https://www.tenable.com/plugins/nessus/167829", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:7790.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167829);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"RLSA\", value:\"2022:7790\");\n\n script_name(english:\"Rocky Linux 8 : bind (RLSA-2022:7790)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2022:7790 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:7790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-export-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-libs-lite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-pkcs11-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-sdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'bind-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-chroot-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-debugsource-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-devel-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-devel-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-export-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-debuginfo-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-libs-lite-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-license-9.11.36-5.el8_7.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-lite-devel-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-devel-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-libs-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-pkcs11-utils-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-chroot-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-chroot-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-sdb-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-debuginfo-9.11.36-5.el8_7.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'bind-utils-debuginfo-9.11.36-5.el8_7.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},\n {'reference':'python3-bind-9.11.36-5.el8_7.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-debuginfo / bind-debugsource / bind-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:46", "description": "According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : bind (EulerOS-SA-2022-2195)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bind", "p-cpe:/a:huawei:euleros:bind-chroot", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-pkcs11", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:python3-bind", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2022-2195.NASL", "href": "https://www.tenable.com/plugins/nessus/163609", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163609);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\"CVE-2021-25220\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : bind (EulerOS-SA-2022-2195)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2195\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8395256b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bind-9.11.4-17.h16.eulerosv2r9\",\n \"bind-chroot-9.11.4-17.h16.eulerosv2r9\",\n \"bind-export-libs-9.11.4-17.h16.eulerosv2r9\",\n \"bind-libs-9.11.4-17.h16.eulerosv2r9\",\n \"bind-libs-lite-9.11.4-17.h16.eulerosv2r9\",\n \"bind-pkcs11-9.11.4-17.h16.eulerosv2r9\",\n \"bind-utils-9.11.4-17.h16.eulerosv2r9\",\n \"python3-bind-9.11.4-17.h16.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:59:31", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0908-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : bind (SUSE-SU-2022:0908-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-chrootenv", "p-cpe:/a:novell:suse_linux:bind-devel", "p-cpe:/a:novell:suse_linux:bind-doc", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:libbind9-161", "p-cpe:/a:novell:suse_linux:libdns1110", "p-cpe:/a:novell:suse_linux:libirs161", "p-cpe:/a:novell:suse_linux:libisc1107", "p-cpe:/a:novell:suse_linux:libisc1107-32bit", "p-cpe:/a:novell:suse_linux:libisccc161", "p-cpe:/a:novell:suse_linux:libisccfg163", "p-cpe:/a:novell:suse_linux:liblwres161", "p-cpe:/a:novell:suse_linux:python-bind", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0908-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159128", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0908-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159128);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0908-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : bind (SUSE-SU-2022:0908-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced\nin the SUSE-SU-2022:0908-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-25220\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010486.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cb46c572\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbind9-161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdns1110\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libirs161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisc1107\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisc1107-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisccc161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libisccfg163\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblwres161\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'bind-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'bind-chrootenv-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'bind-doc-9.11.22-3.40.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'bind-utils-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libbind9-161-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libdns1110-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libirs161-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libisc1107-32bit-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libisc1107-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libisccc161-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libisccfg163-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'liblwres161-9.11.22-3.40.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'python-bind-9.11.22-3.40.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'bind-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'bind-chrootenv-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'bind-devel-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'bind-doc-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'bind-utils-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libbind9-161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libdns1110-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libirs161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libisc1107-32bit-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libisc1107-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libisccc161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libisccfg163-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'liblwres161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'python-bind-9.11.22-3.40.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'bind-devel-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'bind-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'bind-chrootenv-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'bind-doc-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'bind-utils-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libbind9-161-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libdns1110-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libirs161-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libisc1107-32bit-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libisc1107-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libisccc161-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libisccfg163-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'liblwres161-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'python-bind-9.11.22-3.40.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'bind-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'bind-chrootenv-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'bind-doc-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'bind-utils-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libbind9-161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libdns1110-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libirs161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libisc1107-32bit-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libisc1107-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libisccc161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libisccfg163-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'liblwres161-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'python-bind-9.11.22-3.40.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T14:52:10", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1616-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : bind (SUSE-SU-2022:1616-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-chrootenv", "p-cpe:/a:novell:suse_linux:bind-doc", "p-cpe:/a:novell:suse_linux:bind-libs", "p-cpe:/a:novell:suse_linux:bind-libs-32bit", "p-cpe:/a:novell:suse_linux:bind-utils", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-1616-1.NASL", "href": "https://www.tenable.com/plugins/nessus/161741", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1616-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161741);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1616-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : bind (SUSE-SU-2022:1616-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced\nin the SUSE-SU-2022:1616-1 advisory.\n\n - BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->\n 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including\n Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.\n The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,\n which might also result in false information being returned to clients. (CVE-2021-25220)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-25220\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-May/011206.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ad2993e7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'bind-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-chrootenv-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-doc-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-libs-32bit-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-libs-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-utils-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'bind-9.9.9P1-63.34.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-chrootenv-9.9.9P1-63.34.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-doc-9.9.9P1-63.34.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-libs-32bit-9.9.9P1-63.34.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-libs-9.9.9P1-63.34.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-utils-9.9.9P1-63.34.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'bind-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-chrootenv-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-chrootenv-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-doc-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-doc-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-libs-32bit-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-libs-32bit-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-libs-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-libs-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-utils-9.9.9P1-63.34.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'bind-utils-9.9.9P1-63.34.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chrootenv / bind-doc / bind-libs / bind-libs-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:16:04", "description": "The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-25220 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "ISC BIND 9.11.0 < 9.11.37 / 9.11.4-S1 < 9.11.37-S1 / 9.12.0 < 9.16.27 / 9.16.8-S1 < 9.16.27-S1 / 9.17.0 < 9.18.1 Vulnerability (CVE-2021-25220)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-25220"], "modified": "2022-12-12T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_CVE-2021-25220.NASL", "href": "https://www.tenable.com/plugins/nessus/159110", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159110);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/12\");\n\n script_cve_id(\"CVE-2021-25220\");\n script_xref(name:\"IAVA\", value:\"2022-A-0122-S\");\n\n script_name(english:\"ISC BIND 9.11.0 < 9.11.37 / 9.11.4-S1 < 9.11.37-S1 / 9.12.0 < 9.16.27 / 9.16.8-S1 < 9.16.27-S1 / 9.17.0 < 9.18.1 Vulnerability (CVE-2021-25220)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a vulnerability vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a\nvulnerability as referenced in the CVE-2021-25220 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/v1/docs/CVE-2021-25220\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to ISC BIND version 9.11.37 / 9.11.37-S1 / 9.16.27 / 9.16.27-S1 / 9.18.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-25220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvcf::bind::initialize();\n\nvar app_info = vcf::get_app_info(app:'BIND', port:53, kb_ver:'bind/version', service:TRUE, proto:'UDP');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar constraints = [\n { 'min_version' : '9.11.0', 'max_version' : '9.11.36', 'fixed_version' : '9.11.37' },\n { 'min_version' : '9.11.4-S1', 'max_version' : '9.11.36-S1', 'fixed_version' : '9.11.37-S1' },\n { 'min_version' : '9.12.0', 'max_version' : '9.16.26', 'fixed_version' : '9.16.27' },\n { 'min_version' : '9.16.8-S1', 'max_version' : '9.16.26-S1', 'fixed_version' : '9.16.27-S1' },\n { 'min_version' : '9.17.0', 'max_version' : '9.18.0', 'fixed_version' : '9.18.1' }\n];\nconstraints = vcf::bind::filter_constraints(constraints:constraints, version:app_info.version);\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2023-12-02T16:48:23", "description": "\n\nChrome Releases reports:\n\nThis release contains 11 security fixes, including:\n\n[1299422] Critical CVE-2022-0971: Use after free in Blink\n\t Layout. Reported by Sergei Glazunov of Google Project Zero on\n\t 2022-02-21\n[1301320] High CVE-2022-0972: Use after free in Extensions.\n\t Reported by Sergei Glazunov of Google Project Zero on\n\t 2022-02-28\n[1297498] High CVE-2022-0973: Use after free in Safe Browsing.\n\t Reported by avaue and Buff3tts at S.S.L. on 2022-02-15\n[1291986] High CVE-2022-0974: Use after free in Splitscreen.\n\t Reported by @ginggilBesel on 2022-01-28\n[1295411] High CVE-2022-0975: Use after free in ANGLE. Reported\n\t by SeongHwan Park (SeHwa) on 2022-02-09\n[1296866] High CVE-2022-0976: Heap buffer overflow in GPU.\n\t Reported by Omair on 2022-02-13\n[1299225] High CVE-2022-0977: Use after free in Browser UI.\n\t Reported by Khalil Zhani on 2022-02-20\n[1299264] High CVE-2022-0978: Use after free in ANGLE. Reported\n\t by Cassidy Kim of Amber Security Lab, OPPO Mobile\n\t Telecommunications Corp. Ltd. on 2022-02-20\n[1302644] High CVE-2022-0979: Use after free in Safe Browsing.\n\t Reported by anonymous on 2022-03-03\n[1302157] Medium CVE-2022-0980: Use after free in New Tab Page.\n\t Reported by Krace on 2022-03-02\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-15T00:00:00", "id": "857BE71A-A4B0-11EC-95FC-3065EC8FD3EC", "href": "https://vuxml.freebsd.org/freebsd/857be71a-a4b0-11ec-95fc-3065ec8fd3ec.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-11-06T10:39:22", "description": "An update that fixes 10 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Update to version 99.0.4844.74 (boo#1197163)\n\n * CVE-2022-0971: Use after free in Blink Layout\n * CVE-2022-0972: Use after free in Extensions\n * CVE-2022-0973: Use after free in Safe Browsing\n * CVE-2022-0974: Use after free in Splitscreen\n * CVE-2022-0975: Use after free in ANGLE\n * CVE-2022-0976: Heap buffer overflow in GPU\n * CVE-2022-0977: Use after free in Browser UI\n * CVE-2022-0978: Use after free in ANGLE\n * CVE-2022-0979: Use after free in Safe Browsing\n * CVE-2022-0980: Use after free in New Tab Page\n * Various fixes from internal audits, fuzzing and other initiatives\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2022-85=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-20T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-20T00:00:00", "id": "OPENSUSE-SU-2022:0085-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4Z4LLOJXXGP4GXUSNG4BEUSYEPI3FBAL/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-08T06:09:37", "description": "An update that solves three vulnerabilities, contains one\n feature and has two fixes is now available.\n\nDescription:\n\n This update for bind fixes the following issues:\n\n - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely\n degrade resolver performance (bsc#1192146).\n - CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders\n (bsc#1197135).\n - CVE-2022-0396: Fixed a incorrect handling of TCP connection slots time\n frame leading to deny of service (bsc#1197136).\n\n The following non-security bugs were fixed:\n\n - Update to release 9.16.31 (jsc#SLE-24600).\n - Logrotation broken since dropping chroot (bsc#1200685).\n - A non-existent initialization script (eg a leftorver\n \"createNamedConfInclude\" in /etc/sysconfig/named) may cause named not to\n start. A warning message is printed in named.prep and the fact is\n ignored. Also, the return value of a failed script was not handled\n properly causing a failed script to not prevent named to start. This is\n now fixed properly. [bsc#1199044, vendor-files.tar.bz2]\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2713=1\n\n - SUSE Linux Enterprise Module for Server Applications 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-2713=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2713=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-08-09T00:00:00", "type": "suse", "title": "Security update for bind (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25219", "CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-08-09T00:00:00", "id": "SUSE-SU-2022:2713-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJ3Z2QLCJURVX25KNGOCILMX6PWMBZK5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2023-12-02T20:47:31", "description": "The chromium-browser-stable package has been updated to the 99.0.4844.74 version that fixes multiples security vulnerabilities. [1299422] Critical CVE-2022-0971: Use after free in Blink Layout. [1301320] High CVE-2022-0972: Use after free in Extensions. [1297498] High CVE-2022-0973: Use after free in Safe Browsing. [1291986] High CVE-2022-0974 : Use after free in Splitscreen. [1295411] High CVE-2022-0975: Use after free in ANGLE. [1296866] High CVE-2022-0976: Heap buffer overflow in GPU. [1299225] High CVE-2022-0977: Use after free in Browser UI. [1299264] High CVE-2022-0978: Use after free in ANGLE. [1302644] High CVE-2022-0979: Use after free in Safe Browsing. [1302157] Medium CVE-2022-0980: Use after free in New Tab Page. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-21T23:18:30", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-21T23:18:30", "id": "MGASA-2022-0107", "href": "https://advisories.mageia.org/MGASA-2022-0107.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T20:47:31", "description": "DNS forwarders - cache poisoning vulnerability. (CVE-2021-25220) \n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-21T23:18:30", "type": "mageia", "title": "Updated bind packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-03-21T23:18:30", "id": "MGASA-2022-0108", "href": "https://advisories.mageia.org/MGASA-2022-0108.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "chrome": [{"lastseen": "2023-12-02T20:11:59", "description": "The Stable channel has been updated to 99.0.4844.74 for Windows, Mac and Linux which will roll out over the coming days/weeks. \n\nA full list of changes in this build is available in the [log](<https://chromium.googlesource.com/chromium/src/+log/99.0.4844.51..99.0.4844.74?pretty=fuller&n=10000>). Interested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\nSecurity Fixes and Rewards\n\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed. \n\nThis update includes [11](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call%2Cchrome+label%3ARelease-1-M99>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<https://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n\n\n\n[$NA][[1299422](<https://crbug.com/1299422>)] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21 \n\n[$NA][[1301320](<https://crbug.com/1301320>)] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28 \n\n[$15000][[1297498](<https://crbug.com/1297498>)] High CVE-2022-0973: Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15 \n\n[$7000][[1291986](<https://crbug.com/1291986>)] High CVE-2022-0974 : Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28 \n\n[$7000][[1295411](<https://crbug.com/1295411>)] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09 \n\n[$7000][[1296866](<https://crbug.com/1296866>)] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13 \n\n[$3000][[1299225](<https://crbug.com/1299225>)] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20 \n\n[$TBD][[1299264](<https://crbug.com/1299264>)] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-20 \n\n[$TBD][[1302644](<https://crbug.com/1302644>)] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03 \n\n[$TBD][[1302157](<https://crbug.com/1302157>)] Medium CVE-2022-0980: Use after free in New Tab Page. Reported by Krace on 2022-03-02 \n\n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. \n\n\n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n[[1305655](<https://crbug.com/1305655>)] Various fixes from internal audits, fuzzing and other initiatives \n\nMany of our security bugs are detected using [AddressSanitizer](<https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<https://github.com/google/afl>).\n\nInterested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\n\nPrudhvikumar Bommana\n\nGoogle Chrome", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-15T00:00:00", "id": "GCSA-7849219922267498677", "href": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-12-02T15:37:08", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5104-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 18, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2022-0971 CVE-2022-0972 CVE-2022-0973 CVE-2022-0974 \n CVE-2022-0975 CVE-2022-0976 CVE-2022-0977 CVE-2022-0978 \n CVE-2022-0979 CVE-2022-0980\n\nMultiple security issues were discovered in Chromium, which\ncould result in the execution of arbitrary code, denial of service\nor information disclosure.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 99.0.4844.74-1~deb11u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-18T18:56:05", "type": "debian", "title": "[SECURITY] [DSA 5104-1] chromium security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-18T18:56:05", "id": "DEBIAN:DSA-5104-1:FCFAF", "href": "https://lists.debian.org/debian-security-announce/2022/msg00072.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T15:37:05", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5105-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 18, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nCVE ID : CVE-2021-25220 CVE-2022-0396\n\nTwo vulnerabilities were found in the BIND DNS server, which could\nresult in denial of service or cache poisoning.\n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 1:9.11.5.P4+dfsg-5.1+deb10u7.\n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 1:9.16.27-1~deb11u1.\n\nWe recommend that you upgrade your bind9 packages.\n\nFor the detailed security status of bind9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-18T19:03:00", "type": "debian", "title": "[SECURITY] [DSA 5105-1] bind9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-03-18T19:03:00", "id": "DEBIAN:DSA-5105-1:A867B", "href": "https://lists.debian.org/debian-security-announce/2022/msg00073.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T15:29:51", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2955-2 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nMarch 19, 2022 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : bind9\nVersion : 1:9.10.3.dfsg.P4-12.3+deb9u12\nCVE ID : CVE-2021-25220\nDebian Bug : 1007945\n\nThe security update announced as DLA 2955-1 caused a regression in named due to\nan incomplete fix for CVE-2021-25220 when the Forwarders option was configured.\nUpdated bind9 packages are now available to correct this issue.\n\nFor Debian 9 stretch, this problem has been fixed in version\n1:9.10.3.dfsg.P4-12.3+deb9u12.\n\nWe recommend that you upgrade your bind9 packages.\n\nFor the detailed security status of bind9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-19T16:30:57", "type": "debian", "title": "[SECURITY] [DLA 2955-2] bind9 regression update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-03-19T16:30:57", "id": "DEBIAN:DLA-2955-2:CDB18", "href": "https://lists.debian.org/debian-lts-announce/2022/03/msg00027.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "kaspersky": [{"lastseen": "2023-12-02T19:29:03", "description": "### *Detect date*:\n03/15/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nGoogle Chrome earlier than 99.0.4844.74\n\n### *Solution*:\nUpdate to the latest version \n[Download Google Chrome](<https://www.google.com/chrome/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2022-0972](<https://vulners.com/cve/CVE-2022-0972>)5.0Warning \n[CVE-2022-0975](<https://vulners.com/cve/CVE-2022-0975>)5.0Warning \n[CVE-2022-0976](<https://vulners.com/cve/CVE-2022-0976>)5.0Warning \n[CVE-2022-0973](<https://vulners.com/cve/CVE-2022-0973>)5.0Warning \n[CVE-2022-0980](<https://vulners.com/cve/CVE-2022-0980>)5.0Warning \n[CVE-2022-0978](<https://vulners.com/cve/CVE-2022-0978>)5.0Warning \n[CVE-2022-0977](<https://vulners.com/cve/CVE-2022-0977>)5.0Warning \n[CVE-2022-0979](<https://vulners.com/cve/CVE-2022-0979>)5.0Warning \n[CVE-2022-0971](<https://vulners.com/cve/CVE-2022-0971>)5.0Warning \n[CVE-2022-0974](<https://vulners.com/cve/CVE-2022-0974>)5.0Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "kaspersky", "title": "KLA12487 Multiple vulnerabilities in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-09-29T00:00:00", "id": "KLA12487", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12487/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T19:28:57", "description": "### *Detect date*:\n03/17/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option) \n[Microsoft Edge update settings](<https://support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1>)\n\n### *Original advisories*:\n[CVE-2022-0979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0979>) \n[CVE-2022-0972](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0972>) \n[CVE-2022-0973](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0973>) \n[CVE-2022-0971](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0971>) \n[CVE-2022-0978](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0978>) \n[CVE-2022-0974](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0974>) \n[CVE-2022-0976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0976>) \n[CVE-2022-0977](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0977>) \n[CVE-2022-0975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0975>) \n[CVE-2022-26899](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899>) \n[CVE-2022-0980](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0980>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *CVE-IDS*:\n[CVE-2022-0972](<https://vulners.com/cve/CVE-2022-0972>)5.0Warning \n[CVE-2022-0975](<https://vulners.com/cve/CVE-2022-0975>)5.0Warning \n[CVE-2022-0976](<https://vulners.com/cve/CVE-2022-0976>)5.0Warning \n[CVE-2022-0973](<https://vulners.com/cve/CVE-2022-0973>)5.0Warning \n[CVE-2022-0980](<https://vulners.com/cve/CVE-2022-0980>)5.0Warning \n[CVE-2022-0978](<https://vulners.com/cve/CVE-2022-0978>)5.0Warning \n[CVE-2022-0977](<https://vulners.com/cve/CVE-2022-0977>)5.0Warning \n[CVE-2022-0979](<https://vulners.com/cve/CVE-2022-0979>)5.0Warning \n[CVE-2022-0971](<https://vulners.com/cve/CVE-2022-0971>)5.0Warning \n[CVE-2022-0974](<https://vulners.com/cve/CVE-2022-0974>)5.0Warning \n[CVE-2022-26899](<https://vulners.com/cve/CVE-2022-26899>)5.0Warning\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-17T00:00:00", "type": "kaspersky", "title": "KLA12490 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-26899"], "modified": "2023-09-29T00:00:00", "id": "KLA12490", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12490/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redos": [{"lastseen": "2023-12-02T16:25:56", "description": "DNS server BIND vulnerability is related to reachable assertion in DNS query processing. Exploitation\r\n The vulnerability allows an attacker acting remotely to send repeated patterns of specific requests to servers with DNSSEC-Validated Cache (synth-from-rom) enabled.\r\n queries to servers with the DNSSEC-Validated Cache (synth-from-dnssec) feature enabled and cause the\r\n INSIST error in query.c:query_dname, causing named to terminate unexpectedly.\n\nDNS server vulnerability BIND is related to flaws in HTTP request processing. Exploitation of the vulnerability\r\n allows a remote attacker to affect data integrity\n\nDNS server vulnerability BIND is related to the processing of a DS record request that needs to be\r\n redirect, BIND waits until this processing is complete or until the wait time for the wait time timer\r\n wait time expires, this timeout results in a call to resume_dslookup(), which\r\n does not check if the fetch was previously completed. Exploitation of the vulnerability allows an attacker acting\r\n remotely to cause the binding process to terminate.\n\nThe DNS BIND server vulnerability is related to improper resource termination or release,\r\n which results in an incomplete cleanup. Exploitation of the vulnerability allows an attacker acting\r\n remotely, to send specially crafted TCP streams with 'keep-response-order' enabled, which could\r\n cause binding connections to remain in the CLOSE_WAIT state for an indefinite period,\r\n even after the client has terminated the connection.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-04-14T00:00:00", "type": "redos", "title": "ROS-20230414-02", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2023-04-14T00:00:00", "id": "ROS-20230414-02", "href": "https://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-bind-cve-2021-25220-cve-2022-0396-cve-2022-0635-cve-2022-0667/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "hivepro": [{"lastseen": "2022-03-22T10:15:32", "description": "THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here The Internet Systems Consortium (ISC) has published security upgrades to address several vulnerabilities in the widely used Berkeley Internet Name Domain (BIND) server software. An attacker could take advantage of some of these vulnerabilities to gain elevated privileges, cause BIND process to terminate, or cause DNS cache poisoning. None of these vulnerabilities have been known to be exploited in the wild so far. All these vulnerabilities have been fixed in versions 9.16.27 & 9.18.1. Organizations should update them using the patch links below Potential MITRE ATT&CK TTPs are: TA0042: Resource Development T1588: Obtain Capabilities T1588.006: Obtain Capabilities: Vulnerabilities TA0001: Initial Access T1190: Exploit Public-Facing Application TA0040: Impact T1498: Network Denial of Service T1498.001: Network Denial of Service: Direct Network Flood TA0006: Credential Access TA0009: Collection T1557: Adversary-in-the-Middle Vulnerability Details Patch Link https://www.isc.org/bind/ References https://kb.isc.org/docs/cve-2021-25220 https://kb.isc.org/docs/cve-2022-0635 https://kb.isc.org/docs/cve-2022-0667 https://kb.isc.org/docs/cve-2022-0396 https://www.cisa.gov/uscert/ncas/current-activity/2022/03/17/isc-releases-security-advisories-bind", "cvss3": {}, "published": "2022-03-22T07:19:52", "type": "hivepro", "title": "Berkeley Internet Name Domain (BIND) affected by multiple vulnerabilities", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2022-03-22T07:19:52", "id": "HIVEPRO:E8FD3A77E9767CCAEFD160DF64A486A3", "href": "https://www.hivepro.com/berkeley-internet-name-domain-bind-affected-by-multiple-vulnerabilities/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-15T12:02:03", "description": "THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Since September 2021, LockBit 2.0 has targeted 500+ organizations in vital areas globally. The most recent attack targeted well-known tire producer Bridgestone, software behemoth Accenture, and the French Ministry of Justice. LockBit 2.0 ransomware compromises victim networks through a variety of techniques, including, but not limited to, purchased access, unpatched vulnerabilities, insider access, and zero-day exploit. Some of the know vulnerabilities exploited are CVE-2021-22986 affecting BIG-IP products and CVE-2018-13379 impacting FortiOS. The ransomware first assesses the system and user language settings and only targets those that do not match a predefined list of Eastern European languages. It then erases system logs and shadow copies on disk as soon as the infection begins. In addition to this, it also collects system data such as hostname, host configuration, domain information, local drive configuration, remote shares, and mounted external storage devices. Furthermore, it tries to encrypt all data stored to any local or remote device, but it ignores files linked with critical system operations. After the encryption, the ransomware deletes itself from the disk and creates persistence upon startup. Lockbit 2.0 affiliates typically employ the Stealbit program received straight from the Lockbit panel to exfiltrate certain file types prior to encryption. The affiliate can adjust the desired file types to adapt the attack to the target. Additionally, they frequently employ publicly accessible file-sharing platforms such as privatlab.net, anonfiles.com, sendspace.com, fex.net, transfer.sh, and send.exploit.in. While some of these programs and services may serve legitimate reasons, others may be exploited by threat actors. The Organizations can mitigate the risk by following the recommendations: \u2022Use multi-factor authentication. \u2022Keep all operating systems and software up to date. \u2022Remove unnecessary access to administrative shares. \u2022Maintain offline backups of data and Ensure all backup data is encrypted and immutable. \u2022Enable protected files in the Windows Operating System for critical files. The Mitre TTPs commonly used by LockBit 2.0 are: TA0040 - ImpactTA0042 - Resource Development TA0001 - Initial Access TA0002 - Execution TA0003 - Persistence TA0005 - Defense Evasion TA0006 - Credential Access TA0007 - Discovery TA0008 - Lateral Movement TA0009 - Collection TA0011 - Command and ControlTA0010 - ExfiltrationT1190: Exploit Public-Facing ApplicationT1047: Windows Management InstrumentationT1059: Command and Scripting InterpreterT1059.003: Windows Command ShellT1547.001: Boot or Logon Autostart Execution: Registry Run Keys / Startup FolderT1055: Process InjectionT1070.004: Indicator Removal on Host: File DeletionT1112: Modify RegistryT1497: Virtualization/Sandbox EvasionT1110: Brute ForceT1056.004: Credential API HookingT1012: Query RegistryT1018: Remote System DiscoveryT1057: Process DiscoveryT1021: Remote ServicesT1021.001: Remote Services: Remote Desktop ProtocolT1021.002: Remote Services: SMB/Windows Admin SharesT1056.004: Credential API HookingT1090.003: Proxy: Multi-hop ProxyT1567.002: Exfiltration Over Web Service: Exfiltration to Cloud StorageT1486: Data Encrypted for ImpactT1490: Inhibit System Recovery Vulnerability Details Indicators of Compromise (IoCs) Recent Breaches bridgestoneamericas.com accenture.com justice.fr Patch Link https://www.fortiguard.com/psirt/FG-IR-18-384 https://support.f5.com/csp/article/K03009991 References https://www.ic3.gov/Media/News/2022/220204.pdf https://threatpost.com/accenture-lockbit-ransomware-attack/168594/", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-03-15T10:07:18", "type": "hivepro", "title": "LockBit 2.0 Ransomware affiliates targeting Renowned Organizations", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379", "CVE-2021-22986"], "modified": "2022-03-15T10:07:18", "id": "HIVEPRO:1825C4046C6054693C41D7D5DFD7BA10", "href": "https://www.hivepro.com/lockbit-2-0-ransomware-affiliates-targeting-renowned-organizations/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-21T14:25:27", "description": "THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A system environment variables leak security bug was found in Chromium 92 version. Multiple web browsers are based on the chromium engine, such as Google Chrome, Microsoft Edge, Opera, and Brave. Most of them are reported to be vulnerable, except Brave. The vulnerability tracked as CVE-2022-0337 affects the \u2018window.showSaveFilePicker()\u2019 method in the File system access API. An attacker can exploit this vulnerability to gain access to the victim's system environment variables by crafting a malicious html file and enticing a victim user to open it. Environment variables are the variables where users can store secrets like tokens, passwords, keys to some services (ex. Microsoft Azure or Twilio SendGrid). This vulnerability only affects Windows operating system. Potential MITRE ATT&CK TTPs are:TA0042: Resource DevelopmentT1588: Obtain CapabilitiesT1588.006: Obtain Capabilities: VulnerabilitiesTA0001: Initial AccessT1190: Exploit Public-Facing ApplicationTA0005: Defense EvasionT1027: Obfuscated Files or InformationT1027.006: Obfuscated Files or Information: HTML Smuggling Vulnerability Details Patch Link https://www.google.com/intl/en/chrome/?standalone=1 https://download3.operacdn.com/pub/opera/desktop/84.0.4316.42/win/Opera_84.0.4316.42_Setup_x64.exe https://www.microsoft.com/en-us/edge References https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html", "cvss3": {}, "published": "2022-03-21T13:54:21", "type": "hivepro", "title": "Environment Variables Leak affect Multiple browsers", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-0337"], "modified": "2022-03-21T13:54:21", "id": "HIVEPRO:D96F886304BCBB7550726C207C2FE66E", "href": "https://www.hivepro.com/environment-variables-leak-affect-multiple-browsers/", "cvss": {"score": 0.0, "vector": "NONE"}}], "cisa": [{"lastseen": "2022-11-29T13:59:06", "description": "The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.\n\nCISA encourages users and administrators to review the following ISC advisories and apply the necessary updates or workarounds.\n\n * [CVE-2021-25220](<https://kb.isc.org/docs/cve-2021-25220>)\n * [CVE-2022-0396](<https://kb.isc.org/docs/cve-2022-0396>)\n * [CVE-2022-0635](<https://kb.isc.org/docs/cve-2022-0635>)\n * [CVE-2022-0667](<https://kb.isc.org/docs/cve-2022-0667>)\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2022/03/17/isc-releases-security-advisories-bind>); we'd welcome your feedback.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-17T00:00:00", "type": "cisa", "title": "ISC Releases Security Advisories for BIND", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2022-03-17T00:00:00", "id": "CISA:1602F24139E2AB029448E5489B3B6427", "href": "https://us-cert.cisa.gov/ncas/current-activity/2022/03/17/isc-releases-security-advisories-bind", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-26T18:09:51", "description": "Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. This vulnerability has been detected in exploits in the wild. \n\nCISA encourages users and administrators to review [Microsoft\u2019s advisory](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 >) and to implement the mitigations and workarounds.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444>); we'd welcome your feedback.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-07T00:00:00", "type": "cisa", "title": "Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-07T00:00:00", "id": "CISA:C70D91615E3DC8B589B493118D474566", "href": "https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2023-12-02T16:45:34", "description": "New bind packages are available for Slackware 14.0, 14.1, 14.2, 15.0,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 15.0 ChangeLog:\n\npatches/packages/bind-9.18.1-i586-1_slack15.0.txz: Upgraded.\n This update fixes bugs and the following security issues:\n An assertion could occur in resume_dslookup() if the fetch had been shut\n down earlier.\n Lookups involving a DNAME could trigger an INSIST when \"synth-from-dnssec\"\n was enabled.\n A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()\n to be called recursively, which in turn left TCP connections hanging in the\n CLOSE_WAIT state blocking indefinitely when out-of-order processing was\n disabled.\n The rules for acceptance of records into the cache have been tightened to\n prevent the possibility of poisoning if forwarders send records outside\n the configured bailiwick.\n For more information, see:\n https://vulners.com/cve/CVE-2022-0667\n https://vulners.com/cve/CVE-2022-0635\n https://vulners.com/cve/CVE-2022-0396\n https://vulners.com/cve/CVE-2021-25220\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.11.37-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.11.37-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.11.37-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.11.37-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.11.37-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.11.37-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/bind-9.18.1-i586-1_slack15.0.txz\n\nUpdated package for Slackware x86_64 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.18.1-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.18.1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n30b8c73da95a67f8ba7ace5d4234b051 bind-9.11.37-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nc6da042d76a5b13344d00908437bf38e bind-9.11.37-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n7ad9205be658ef4d5c629ec5f787f294 bind-9.11.37-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n2d91cbc09f415f8195fc14f7075c5e75 bind-9.11.37-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n412056ed709660c1376e2bef44cea105 bind-9.11.37-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n2daf65e0ef7bb38c12902b9972600e5b bind-9.11.37-x86_64-1_slack14.2.txz\n\nSlackware 15.0 package:\n448695e0d12690a8607c03adf7d5c14e bind-9.18.1-i586-1_slack15.0.txz\n\nSlackware x86_64 15.0 package:\n6a72e9719ee12d68f7052a6c77e801db bind-9.18.1-x86_64-1_slack15.0.txz\n\nSlackware -current package:\n1df5145498187ea97e8a9ca9ddabe114 n/bind-9.18.1-i586-1.txz\n\nSlackware x86_64 -current package:\n4c97d0bfb4f113bf4477ddfb5ab15abc n/bind-9.18.1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.18.1-i586-1_slack15.0.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-17T19:58:44", "type": "slackware", "title": "[slackware-security] bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2022-03-17T19:58:44", "id": "SSA-2022-076-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.523032", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T16:45:32", "description": "New bind packages are available for Slackware 15.0, since the previous patch\nmistakenly moved to a newer BIND branch. These packages do not fix any security\nissues that weren't already fixed in the bind-9.18.1 packages, which have been\nmoved into /testing, but the BIND 9.16 LTS version is the correct one for\nSlackware 15.0.\n\n\nHere are the details from the Slackware 15.0 ChangeLog:\n\npatches/packages/bind-9.16.27-i586-1_slack15.0.txz: Upgraded.\n Sorry folks, I had not meant to bump BIND to the newer branch. I've moved\n the other packages into /testing. Thanks to Nobby6 for pointing this out.\n This update fixes bugs and the following security issues:\n A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()\n to be called recursively, which in turn left TCP connections hanging in the\n CLOSE_WAIT state blocking indefinitely when out-of-order processing was\n disabled.\n The rules for acceptance of records into the cache have been tightened to\n prevent the possibility of poisoning if forwarders send records outside\n the configured bailiwick.\n For more information, see:\n https://vulners.com/cve/CVE-2022-0396\n https://vulners.com/cve/CVE-2021-25220\n (* Security fix *)\ntesting/packages/bind-9.18.1-i586-1_slack15.0.txz: Moved.\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/bind-9.16.27-i586-1_slack15.0.txz\n\nUpdated package for Slackware x86_64 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz\n\n\nMD5 signatures:\n\nSlackware 15.0 package:\ncb7677e69257e3e6fdb37b2c2d2055a6 bind-9.16.27-i586-1_slack15.0.txz\n\nSlackware x86_64 15.0 package:\n629150da7488246c739456e332d5b8e6 bind-9.16.27-x86_64-1_slack15.0.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.16.27-i586-1_slack15.0.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-21T20:30:23", "type": "slackware", "title": "[slackware-security] Slackware 15.0 bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-03-21T20:30:23", "id": "SSA-2022-080-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.382950", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2023-12-02T16:45:16", "description": "Arch Linux Security Advisory ASA-202204-5\n=========================================\n\nSeverity: High\nDate : 2022-04-04\nCVE-ID : CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667\nPackage : bind\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2661\n\nSummary\n=======\n\nThe package bind before version 9.18.1-1 is vulnerable to multiple\nissues including denial of service and content spoofing.\n\nResolution\n==========\n\nUpgrade to 9.18.1-1.\n\n# pacman -Syu \"bind>=9.18.1-1\"\n\nThe problems have been fixed upstream in version 9.18.1.\n\nWorkaround\n==========\n\n- CVE-2021-25220\n\nIf applicable, modify your configuration to either remove all\nforwarding or all possibility of recursion. Depending on your use-case,\nit may be possible to use other zone types to replace forward zones.\n\n- CVE-2022-0396\n\nuse the default setting of keep-response-order { none; }.\n\n- CVE-2022-0635\n\nThe failure can be avoided by adding this option to named.conf:\n\n synth-from-dnssec no;\n\nHowever we do not recommend disabling this feature other than as a\ntemporary workaround because it provides protection from pseudo-random-\nsubdomain attacks against DNSSEC-signed zones.\n\nDescription\n===========\n\n- CVE-2021-25220 (content spoofing)\n\nWhen using forwarders in BIND, bogus NS records supplied by, or via,\nthose forwarders may be cached and used by named if it needs to recurse\nfor any reason, causing it to obtain and pass on potentially incorrect\nanswers. The cache could become poisoned with incorrect records leading\nto queries being made to the wrong servers, which might also result in\nfalse information being returned to clients. Authoritative-only BIND 9\nservers are not vulnerable to this flaw.\n\n- CVE-2022-0396 (denial of service)\n\nISC recently discovered an issue in BIND that allows TCP connection\nslots to be consumed for an indefinite time frame via a specifically\ncrafted TCP stream sent from a client. This issue is present in BIND\n9.16.11 to 9.16.26 (including S editions), and 9.18.0.\n\nThis issue can only be triggered on BIND servers which have keep-\nresponse-order enabled, which is not the default configuration. The\nkeep-response-order option is an ACL block; any hosts which are\nspecified within it will be able to trigger this issue on affected\nversions. Specifically crafted TCP streams can cause connections to\nBIND to remain in CLOSE_WAIT status for an indefinite period of time,\neven after the client has terminated the connection.\n\n- CVE-2022-0635 (denial of service)\n\nBIND 9.18.0 stable release refactored the RFC 8198 Aggressive Use of\nDNSSEC-Validated Cache feature (synth-from-dnssec) and changed the\ndefault so that is now automatically enabled for dnssec-validating\nresolvers. Subsequently it was found that repeated patterns of specific\nqueries to servers with this feature enabled could cause an INSIST\nfailure in query.c:query_dname which causes named to terminate\nunexpectedly.\n\nThe vulnerability affects BIND resolvers running 9.18.0 that have both\ndnssec-validation and synth-from-dnssec enabled. (Note that dnssec-\nvalidation auto; is the default setting unless configured otherwise in\nnamed.conf and that enabling dnssec-validation automatically enables\nsynth-from-dnssec unless explicitly disabled) When a vulnerable version\nof named receives a series of specific queries, the named process will\neventually terminate due to a failed assertion check.\n\n- CVE-2022-0667 (denial of service)\n\nIn BIND 9.18.0 the recursive client code was refactored that introduced\na \"backstop lifetime timer\". While BIND is processing a request for a\nDS record that needs to be forwarded, it waits until this processing is\ncomplete or until the backstop lifetime timer has timed out. When the\nresume_dslookup() function is called as a result of such a timeout, the\nfunction does not test whether the fetch has previously been shut down.\nThis introduces the possibility of triggering an assertion failure,\nwhich could cause the BIND process to terminate.\n\nImpact\n======\n\nA remote attacker is able to crash the application or force TCP\nconnections to BIND to remain in CLOSE_WAIT status leading to denial of\nservice on the affected host. Furthermore the cache could become\npoisoned leading to queries being made to the wrong servers, which\nmight also result in false information being returned to clients.\n\nReferences\n==========\n\nhttps://kb.isc.org/docs/cve-2021-25220\nhttps://gitlab.isc.org/isc-projects/bind9/-/commit/fc9cb6cf91c1a36b797ffef0a277dbb3989d43dc\nhttps://kb.isc.org/docs/cve-2022-0396\nhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5987\nhttps://gitlab.isc.org/isc-projects/bind9/-/commit/ae7fa0a3082d1b97b1123a96a78fbbe39d525be5\nhttps://kb.isc.org/docs/cve-2022-0635\nhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5988\nhttps://gitlab.isc.org/isc-projects/bind9/-/commit/71dd44339f4cf616e514cefa1ac1794d7a14e7db\nhttps://kb.isc.org/docs/cve-2022-0667\nhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5989\nhttps://gitlab.isc.org/isc-projects/bind9/-/commit/7ba3a069355875409fadd0da094293cd08d7ccb6\nhttps://security.archlinux.org/CVE-2021-25220\nhttps://security.archlinux.org/CVE-2022-0396\nhttps://security.archlinux.org/CVE-2022-0635\nhttps://security.archlinux.org/CVE-2022-0667", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-04T00:00:00", "type": "archlinux", "title": "[ASA-202204-5] bind: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667"], "modified": "2022-04-04T00:00:00", "id": "ASA-202204-5", "href": "https://security.archlinux.org/ASA-202204-5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ibm": [{"lastseen": "2023-12-02T17:47:51", "description": "## Summary\n\nCKEditor open source library used by IBM OpenPages with Watson. CKEditor reported multiple vulnerabilities. These vulnerabilities have been addressed. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-24729](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222037>) \n** DESCRIPTION: **CKEditor is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the dialog plugin. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a significant performance drop and results in a browser tab freeze. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222037](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222037>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24728](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222035>) \n** DESCRIPTION: **CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222035](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222035>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM OpenPages with Watson| 8.2, 8.3 \n \n## Remediation/Fixes\n\nA fix has been created for each affected version of the named product. Download and install the fix as soon as possible. Fixes and installation instructions are provided at the URLs listed below:\n\n**Product**\n\n| \n\n**Remediation** \n \n---|--- \n \nFor IBM OpenPages with Watson **8.3**\n\n \n\\- Apply 8.3 FixPack 1 **(8.3.0.1) **or later. IBM recommends applying Fixpack 2 (**8.3.0.2**) \n\n\n| \n\n**Download URL for 8.3.0.2**\n\n<https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-2> \n \n \nFor IBM OpenPages GRC Platform 8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported versions **8.3** or **9.0** of the product.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-10-05T13:57:50", "type": "ibm", "title": "Security Bulletin: IBM OpenPages with Watson has addressed multiple vulnerabilities from CKEditor (CVE-2022-24728, CVE-2022-24729)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24728", "CVE-2022-24729"], "modified": "2023-10-05T13:57:50", "id": "407328EFCB60260BBAE25BB1BD13B5839E71760477D3641EC86379112A1E7EE1", "href": "https://www.ibm.com/support/pages/node/7041861", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T18:23:59", "description": "## Summary\n\nISC BIND on IBM i is vulnerable to a denial of service attack by sending specially created TCP packets and DNS cache poisoning attack by using DNS forwarders as described in the vulnerability details section. IBM i has addressed the vulnerabilities in ISC BIND with a fix as described in the remediation/fixes section.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0396](<https://vulners.com/cve/CVE-2022-0396>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service. By sending specially crafted TCP packets, an attacker could exploit this vulnerability to allow TCP connection slots to be consumed for an indefinite time frame. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221990](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221990>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-25220](<https://vulners.com/cve/CVE-2021-25220>) \n** DESCRIPTION: **ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when using DNS forwarders. An attacker could exploit this vulnerability to poison the cache with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221991](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221991>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM i| 7.5 \nIBM i| 7.4 \nIBM i| 7.3 \nIBM i| 7.2 \n \n## Remediation/Fixes\n\nThe issue can be fixed by applying PTFs to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed.\n\nThe IBM i PTF numbers contain the fix for the vulnerabilities.\n\nIBM i Release| 5770-SS1 \nPTF Number| PTF Download Link \n---|---|--- \n7.5| SI80440 \nSI80443 \nSI80458| [SI80440](<https://www.ibm.com/support/pages/ptf/SI80440> \"SI80440\" ) \n[SI80443](<https://www.ibm.com/support/pages/ptf/SI80443> \"SI80443\" ) \n[SI80458](<https://www.ibm.com/support/pages/ptf/SI80458> \"SI80458\" ) \n7.4| SI80430 \nSI80431 \nSI80455| [SI80430](<https://www.ibm.com/support/pages/ptf/SI80430> \"SI80430\" ) \n[SI80431](<https://www.ibm.com/support/pages/ptf/SI80431> \"SI80431\" ) \n[SI80455](<https://www.ibm.com/support/pages/ptf/SI80455> \"SI80455\" ) \n7.3| SI80437 \nSI80438 \nSI80456| [SI80437](<https://www.ibm.com/support/pages/ptf/SI80437> \"SI80437\" ) \n[SI80438](<https://www.ibm.com/support/pages/ptf/SI80438> \"SI80438\" ) \n[SI80456](<https://www.ibm.com/support/pages/ptf/SI80456> \"SI80456\" ) \n7.2| SI80439 \nSI80457| [SI80439](<https://www.ibm.com/support/pages/ptf/SI80439> \"SI80439\" ) \n[SI80457](<https://www.ibm.com/support/pages/ptf/SI80457> \"SI80457\" ) \n \n<https://www.ibm.com/support/fixcentral>\n\n_Important note: IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-07-13T19:36:49", "type": "ibm", "title": "Security Bulletin: IBM i is vulnerable to denial of service and cache poisoning attacks due to flaws in ISC BIND (CVE-2022-0396, CVE-2021-25220)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-07-13T19:36:49", "id": "94578790186F82FB4CA8CF47D896821629E95BE4B528A7A545C9950614CA8636", "href": "https://www.ibm.com/support/pages/node/6595155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "drupal": [{"lastseen": "2023-11-24T13:58:50", "description": "The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content (even without access to CKEditor themselves) may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to target users with access to the WYSIWYG CKEditor, including site admins with privileged access. For more information, see CKEditor's security advisories: CVE-2022-24728: HTML processing vulnerability allowing to execute JavaScript code CVE-2022-24729: Regular expression Denial of Service in dialog plugin This advisory is not covered by Drupal Steward.\n", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2022-03-16T00:00:00", "type": "drupal", "title": "Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-005\n", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24728", "CVE-2022-24729"], "modified": "2022-03-16T00:00:00", "id": "DRUPAL-SA-CORE-2022-005", "href": "https://www.drupal.org/sa-core-2022-005", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "almalinux": [{"lastseen": "2023-12-02T17:27:13", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T00:00:00", "type": "almalinux", "title": "Moderate: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-18T04:34:04", "id": "ALSA-2022:8068", "href": "https://errata.almalinux.org/9/ALSA-2022-8068.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T17:27:12", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-08T00:00:00", "type": "almalinux", "title": "Important: bind9.16 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-11T22:00:52", "id": "ALSA-2022:7643", "href": "https://errata.almalinux.org/8/ALSA-2022-7643.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T17:27:13", "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T00:00:00", "type": "almalinux", "title": "Moderate: dhcp security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-17T21:26:26", "id": "ALSA-2022:8385", "href": "https://errata.almalinux.org/9/ALSA-2022-8385.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2023-12-02T16:41:07", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-08T06:25:20", "type": "redhat", "title": "(RHSA-2022:7643) Important: bind9.16 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-08T07:46:59", "id": "RHSA-2022:7643", "href": "https://access.redhat.com/errata/RHSA-2022:7643", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T16:41:07", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T06:14:59", "type": "redhat", "title": "(RHSA-2022:8068) Moderate: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-15T08:05:03", "id": "RHSA-2022:8068", "href": "https://access.redhat.com/errata/RHSA-2022:8068", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T15:43:19", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-08T06:29:06", "type": "redhat", "title": "(RHSA-2022:7790) Moderate: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-08T07:49:44", "id": "RHSA-2022:7790", "href": "https://access.redhat.com/errata/RHSA-2022:7790", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T15:43:19", "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T06:23:05", "type": "redhat", "title": "(RHSA-2022:8385) Moderate: dhcp security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-15T08:05:18", "id": "RHSA-2022:8385", "href": "https://access.redhat.com/errata/RHSA-2022:8385", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "rocky": [{"lastseen": "2023-12-02T17:26:30", "description": "An update is available for bind.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T06:14:59", "type": "rocky", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-15T06:14:59", "id": "RLSA-2022:8068", "href": "https://errata.rockylinux.org/RLSA-2022:8068", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T17:26:38", "description": "An update is available for bind9.16.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n* bind: DoS from specifically crafted TCP packets (CVE-2022-0396)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-08T06:25:20", "type": "rocky", "title": "bind9.16 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-08T06:25:20", "id": "RLSA-2022:7643", "href": "https://errata.rockylinux.org/RLSA-2022:7643", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T17:26:23", "description": "An update is available for dhcp.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T06:23:05", "type": "rocky", "title": "dhcp security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-15T06:23:05", "id": "RLSA-2022:8385", "href": "https://errata.rockylinux.org/RLSA-2022:8385", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T17:26:36", "description": "An update is available for bind.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-08T06:29:06", "type": "rocky", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-08T06:29:06", "id": "RLSA-2022:7790", "href": "https://errata.rockylinux.org/RLSA-2022:7790", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "cloudfoundry": [{"lastseen": "2023-12-02T16:53:45", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nXiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220) It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396)\n\nCVEs contained in this USN include: CVE-2021-25220, CVE-2022-0396.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.71\n * All other stemcells not listed.\n * cflinuxfs3 \n * All versions prior to 0.279.0\n * CF Deployment \n * All versions prior to 20.0.0, or later versions with Bionic Stemcells prior to 1.71\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.71 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * cflinuxfs3 \n * Upgrade all versions to 0.279.0 or greater\n * CF Deployment \n * Upgrade all versions to 20.0.0 or greater and upgrade Bionic Stemcells to 1.71 or greater\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5332-1>)\n * [CVE-2021-25220](<https://ubuntu.com/security/CVE-2021-25220>)\n * [CVE-2022-0396](<https://ubuntu.com/security/CVE-2022-0396>)\n\n## History\n\n2022-05-23: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-05-23T00:00:00", "type": "cloudfoundry", "title": "USN-5332-1: Bind vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-05-23T00:00:00", "id": "CFOUNDRY:FD0F51D81CC7E6A50C1B195DBA004E18", "href": "https://www.cloudfoundry.org/blog/usn-5332-1-bind-vulnerabilities/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2023-12-02T18:47:23", "description": "## Releases\n\n * Ubuntu 21.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * bind9 \\- Internet Domain Name Server\n\nXiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind \nincorrectly handled certain bogus NS records when using forwarders. A \nremote attacker could possibly use this issue to manipulate cache results. \n(CVE-2021-25220)\n\nIt was discovered that Bind incorrectly handled certain crafted TCP \nstreams. A remote attacker could possibly use this issue to cause Bind to \nconsume resources, leading to a denial of service. This issue only affected \nUbuntu 21.10. (CVE-2022-0396)\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-17T00:00:00", "type": "ubuntu", "title": "Bind vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-03-17T00:00:00", "id": "USN-5332-1", "href": "https://ubuntu.com/security/notices/USN-5332-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2023-04-27T00:57:30", "description": "[32:9.16.23-5]\n- Fix possible serve-stale related crash (CVE-2022-3080)\n- Fix memory leak in ECDSA verify processing (CVE-2022-38177)\n- Fix memory leak in EdDSA verify processing (CVE-2022-38178)\n[32:9.16.23-4]\n- Export bind-doc package (#2104863)\n[32:9.16.23-3]\n- Tighten cache protection against record from forwarders (CVE-2021-25220)\n- Include test of forwarders\n[32:9.16.23-2]\n- TCP connections with keep-response-order are properly close in all cases\n (CVE-2022-0396)", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-22T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-22T00:00:00", "id": "ELSA-2022-8068", "href": "http://linux.oracle.com/errata/ELSA-2022-8068.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-28T20:48:06", "description": "[32:9.16.23-0.9.1]\n- Fix possible serve-stale related crash (CVE-2022-3080)\n- Fix memory leak in ECDSA verify processing (CVE-2022-38177)\n- Fix memory leak in EdDSA verify processing (CVE-2022-38178)\n[32:9.16.23-0.9]\n- Tighten cache protection against record from forwarders (CVE-2021-25220)\n- Include test of forwarders\n[32:9.16.23-0.8]\n- TCP connections with keep-response-order are properly close in all cases\n (CVE-2022-0396)", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T00:00:00", "type": "oraclelinux", "title": "bind9.16 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396"], "modified": "2022-11-15T00:00:00", "id": "ELSA-2022-7643", "href": "http://linux.oracle.com/errata/ELSA-2022-7643.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-28T20:48:06", "description": "[32:9.11.36-5]\n- Fix memory leak in ECDSA verify processing (CVE-2022-38177)\n- Fix memory leak in EdDSA verify processing (CVE-2022-38178)\n[32:9.11.36-4]\n- Tighten cache protection against record from forwarders (CVE-2021-25220)\n- Include test of forwarders\n[32:9.11.36-2]\n- Reduce memory used per-view on machine with few processors (#2030239)\n[32:9.11.36-2]\n- Rebuilt on a new side-tag (#2013993)\n[32:9.11.36-1]\n- Update to 9.11.36", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-15T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-15T00:00:00", "id": "ELSA-2022-7790", "href": "http://linux.oracle.com/errata/ELSA-2022-7790.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-04-28T10:57:30", "description": "[12:4.4.2-17.b1]\n- omshell: add support for hmac-sha512 algorithm (#2083553)\n[12:4.4.2-16.b1]\n- Fix for CVE-2021-25220", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-22T00:00:00", "type": "oraclelinux", "title": "dhcp security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-11-22T00:00:00", "id": "ELSA-2022-8385", "href": "http://linux.oracle.com/errata/ELSA-2022-8385.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2023-12-02T17:37:44", "description": "CKEditor is a text editor to be used inside web pages. It's a WYSIWYG edito r, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common edit ing features found on desktop editing applications like Microsoft Word and OpenOffice. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-23T09:04:30", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: ckeditor-4.20.0-1.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41164", "CVE-2022-24728", "CVE-2022-24729"], "modified": "2022-10-23T09:04:30", "id": "FEDORA:3ACF7305E4DA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T17:37:44", "description": "CKEditor is a text editor to be used inside web pages. It's a WYSIWYG edito r, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common edit ing features found on desktop editing applications like Microsoft Word and OpenOffice. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-10T22:46:03", "type": "fedora", "title": "[SECURITY] Fedora 37 Update: ckeditor-4.20.0-1.fc37", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41164", "CVE-2022-24728", "CVE-2022-24729"], "modified": "2022-11-10T22:46:03", "id": "FEDORA:0C9763072633", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T16:02:17", "description": "DHCP (Dynamic Host Configuration Protocol) ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-04-18T17:14:57", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: dhcp-4.4.3-2.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-04-18T17:14:57", "id": "FEDORA:A92C6304CAE7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T16:02:18", "description": "DHCP (Dynamic Host Configuration Protocol) ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-05-07T05:00:00", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: dhcp-4.4.3-2.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-05-07T05:00:00", "id": "FEDORA:DABA7306C66B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T16:02:17", "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-22T03:44:52", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: bind-dyndb-ldap-11.9-11.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-03-22T03:44:52", "id": "FEDORA:104BC30B6E6A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/45RO77KG2ND63FHXEJYH5377WTJGDAKL/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T16:02:17", "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-26T15:56:26", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: bind-dyndb-ldap-11.9-14.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-03-26T15:56:26", "id": "FEDORA:9AC8330F8FAC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T16:02:17", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-03-27T01:40:54", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: bind-9.16.27-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220"], "modified": "2022-03-27T01:40:54", "id": "FEDORA:9B072317D001", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "photon": [{"lastseen": "2023-12-03T03:28:52", "description": "Updates of ['bindutils'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2022-04-16T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0467", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-25220", "CVE-2022-0396", "CVE-2023-34060"], "modified": "2022-04-16T00:00:00", "id": "PHSA-2022-0467", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-467", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T00:32:14", "description": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-04-23T19:15:00", "type": "prion", "title": "Buffer overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20083"], "modified": "2022-04-22T16:02:00", "id": "PRION:CVE-2021-20083", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-20083", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-20T23:28:32", "description": "CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds.", "cvss3": {"cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}}, "published": "2022-03-16T16:15:00", "type": "prion", "title": "Hardcoded credentials", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24728"], "modified": "2022-12-08T22:22:00", "id": "PRION:CVE-2022-24728", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2022-24728", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-11-20T23:28:33", "description": "CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2022-03-16T17:15:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24729"], "modified": "2023-06-30T18:58:00", "id": "PRION:CVE-2022-24729", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2022-24729", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T00:37:45", "description": "On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-31T15:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22986"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-22986", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-22986", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T02:32:34", "description": "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-04T21:29:00", "type": "prion", "title": "Path traversal", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379"], "modified": "2021-06-03T11:15:00", "id": "PRION:CVE-2018-13379", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-13379", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T01:01:54", "description": "Microsoft MSHTML Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-15T12:15:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-10-14T11:49:00", "id": "PRION:CVE-2021-40444", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-40444", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "github": [{"lastseen": "2023-12-02T17:27:22", "description": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-24T17:48:43", "type": "github", "title": "jquery-plugin-query-object contains prototype pollution vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20083"], "modified": "2023-07-11T17:00:34", "id": "GHSA-Q9XG-H756-8689", "href": "https://github.com/advisories/GHSA-q9xg-h756-8689", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T17:28:13", "description": "### Affected packages\nThe vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4.\n\n### Impact\nA potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.18.0.\n\n### Patches\nThe problem has been recognized and patched. The fix will be available in version 4.18.0.\n\n### For more information\nEmail us at security@cksource.com if you have any questions or comments about this advisory.\n\n### Acknowledgements\nThe CKEditor 4 team would like to thank GHSL team member Kevin Backhouse ([@kevinbackhouse](https://github.com/kevinbackhouse)) for recognizing and reporting this vulnerability.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-16T22:47:55", "type": "github", "title": "Cross-site Scripting in CKEditor4", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24728"], "modified": "2023-01-27T05:00:53", "id": "GHSA-4FC4-4P5G-6W89", "href": "https://github.com/advisories/GHSA-4fc4-4p5g-6w89", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}], "impervablog": [{"lastseen": "2021-04-06T10:29:57", "description": "On March 10th F5 published a [security advisory](<https://support.f5.com/csp/article/K02566623>) containing twenty one CVEs, the most critical one (CVE-2021-22986) can be exploited for unauthenticated remote code execution attacks. In the past week, several security researchers have reverse engineered the Java software patch published by BIG-IP and posted tweets and blogs with detailed POCs.\n\nAs a result, we observed multiple exploitation attempts against our customers in the last 5 days, while 90% of all occurred in the last 48 hours (March 21-22, 2021). This is probably due to the publication of a POC written in python, available in a [GitHub](<https://github.com/h4x0r-dz/RCE-Exploit-in-BIG-IP/blob/main/f5_rce.py>) repository.\n\nLooking at the client type of the requests, the vast majority of the attacks were classified as coming from automated software.\n\nSo far, Imperva research lab registered dozens of attacking IPs although the majority of attacks came from a handful of IPs indicating, once again, the usage of an automated software.\n\nThe most targeted industries are Education, Business, Retail and Financial Services, as we can see in the chart below:\n\nThe exploits that were published use different endpoints in the product to allow an unauthenticated user to execute commands using **root privileges**.\n\nWe observed two attack vectors that attempt to execute code on the vulnerable server. The first one is an attack chain that contains an SSRF attack that attempts to gain an authenticated session token as the first level, followed by remote command execution as the second level. Most of the indications of this attack observed by Imperva were pointed to the \u201c/mgmt/shared/auth/login\u201d URL. Another interesting behavior observed is an attacker that attempted to include the \u2018ping\u2019 command as a value in the \u2018FilePath\u2019 parameter, to many different websites, all of them were redirected to the same IP address hosted in Amazon, with nginx server installed with port 80 opened.\n\nThe second attack vector observed was a remote command execution (RCE), that targeted the \u201cmgmt/tm/util/bash\u201d URL, which allows an unauthenticated user to execute commands using the \u2018utilCmdArgs' parameter. In most of the attack attempts of this RCE observed by Imperva, the attacker tried to run \u201ccat /etc/passwd\u201d.\n\nIn several attack attempts, we saw requests containing nslookup to http://<random_domain>.burpcollaborator.net. The Burp Collaborator is a network service that Burp Suite uses when testing web applications for security vulnerabilities.\n\nThese attacks were detected as a new zero-day attack by [Imperva WAF](<https://www.imperva.com/products/web-application-firewall-waf/>) generic security controls. Imperva\u2019s research team has also added new dedicated rules to mitigate these vulnerabilities to block these attacks so Imperva WAF customers are protected Out-Of-the-Box.\n\nThe post [Attacks Spike Following The Disclosure Of CVE-2021-22986: F5 Networks BIG-IP iControl Remote Command Execution Vulnerability](<https://www.imperva.com/blog/attacks-spike-following-the-disclosure-of-cve-2021-22986-f5-networks-big-ip-icontrol-remote-command-execution-vulnerability/>) appeared first on [Blog](<https://www.imperva.com/blog>).", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-22T19:45:18", "type": "impervablog", "title": "Attacks Spike Following The Disclosure Of CVE-2021-22986: F5 Networks BIG-IP iControl Remote Command Execution Vulnerability", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22986"], "modified": "2021-03-22T19:45:18", "id": "IMPERVABLOG:3D5A9B1B55D73BE6810D0DB036F8B83F", "href": "https://www.imperva.com/blog/attacks-spike-following-the-disclosure-of-cve-2021-22986-f5-networks-big-ip-icontrol-remote-command-execution-vulnerability/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "githubexploit": [{"lastseen": "2022-08-15T21:13:41", "description": "# \u4f7f\u7528\r\n\r\n```\r\npython3 f5_rce.py \r\n\r\n-u \u6307\u5b9a\u76ee\u6807URL\r\n-f \u6279\u91cf\u68c0\u6d4b\u6587\u4ef6\r\n-c \u6267\u884c\u547d...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "
Weekly Threat Digest: 14 – 20 March 2022
