DATABASE RESOURCES PRICING ABOUT US

{"id": "55642C3815B3D4E270BF79F60E3EE4741DBBE7C0EC94AD5B93E9F051BCA44D7E", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-v", "description": "## Summary\n\nAT&amp;T has released version 1801-v for the Vyatta 5600. \n \nDetails of this release can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patches#at-t-vyatta-5600-vrouter-software-patches\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-8905](<https://vulners.com/cve/CVE-2018-8905>) \n**DESCRIPTION:** LibTIFF is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the LZWDecodeCompat function in tif_lzw.c. By persuading a victim to open a specially crafted TIFF file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140633> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-7456](<https://vulners.com/cve/CVE-2018-7456>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a NULL pointer dereference in TIFFPrintDirectory function in tif_print.c. By persuaded a victim to use the tiffinfo tool to print specially crafted TIFF information, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139536> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-5784](<https://vulners.com/cve/CVE-2018-5784>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the TIFFSetDirectory function of tif_dir.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138035> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-18557](<https://vulners.com/cve/CVE-2018-18557>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in the JBIGDecode function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-1710](<https://vulners.com/cve/CVE-2018-1710>) \n**DESCRIPTION:** IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146364> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-16335](<https://vulners.com/cve/CVE-2018-16335>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a heap-baesd buffer overflow in the newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149245> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-15209](<https://vulners.com/cve/CVE-2018-15209>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow in the ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148105> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-10963](<https://vulners.com/cve/CVE-2018-10963>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143186> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-17095](<https://vulners.com/cve/CVE-2017-17095>) \n**DESCRIPTION:** Libtiff is vulnerable to a denial of service, caused by a heap-based buffer overflow in tools/pal2rgb.c in pal2rgb. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135816> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-11613](<https://vulners.com/cve/CVE-2017-11613>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a flaw in the TIFFOpen function. By using a specially-crafted file, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129463> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-8905](<https://vulners.com/cve/CVE-2018-8905>) \n**DESCRIPTION:** LibTIFF is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the LZWDecodeCompat function in tif_lzw.c. By persuading a victim to open a specially crafted TIFF file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140633> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-7456](<https://vulners.com/cve/CVE-2018-7456>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a NULL pointer dereference in TIFFPrintDirectory function in tif_print.c. By persuaded a victim to use the tiffinfo tool to print specially crafted TIFF information, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139536> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-5784](<https://vulners.com/cve/CVE-2018-5784>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the TIFFSetDirectory function of tif_dir.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138035> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-18557](<https://vulners.com/cve/CVE-2018-18557>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in the JBIGDecode function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-1710](<https://vulners.com/cve/CVE-2018-1710>) \n**DESCRIPTION:** IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146364> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-16335](<https://vulners.com/cve/CVE-2018-16335>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a heap-baesd buffer overflow in the newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149245> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-15209](<https://vulners.com/cve/CVE-2018-15209>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow in the ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148105> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-10963](<https://vulners.com/cve/CVE-2018-10963>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143186> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-17095](<https://vulners.com/cve/CVE-2017-17095>) \n**DESCRIPTION:** Libtiff is vulnerable to a denial of service, caused by a heap-based buffer overflow in tools/pal2rgb.c in pal2rgb. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135816> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-11613](<https://vulners.com/cve/CVE-2017-11613>) \n**DESCRIPTION:** LibTIFF is vulnerable to a denial of service, caused by a flaw in the TIFFOpen function. By using a specially-crafted file, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129463> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-19788](<https://vulners.com/cve/CVE-2018-19788>) \n**DESCRIPTION:** PolicyKit could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user authorization. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary systemctl commands on the system. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153644> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19628](<https://vulners.com/cve/CVE-2018-19628>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a divide-by-zero flaw in the ZigBee ZCL dissector. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153528> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19627](<https://vulners.com/cve/CVE-2018-19627>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the IxVeriWave file parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153527> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-18226](<https://vulners.com/cve/CVE-2018-18226>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the Steam IHS Discovery dissector in epan/dissectors/packet-steam-ihs-discovery.c. By persuading a victim to open a specially-crafted packet, a remote attacker could exploit this vulnerability to consume system memory. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151241> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-18225](<https://vulners.com/cve/CVE-2018-18225>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the CoAP dissector in epan/dissectors/packet-coap.c. By persuading a victim to open a specially-crafted packet, a remote attacker could exploit this vulnerability to consume system memory. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151242> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12086](<https://vulners.com/cve/CVE-2018-12086>) \n**DESCRIPTION:** OPC Foundation UA applications is vulnerable to a denial of service, caused by a buffer overflow. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150147> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-16866](<https://vulners.com/cve/CVE-2018-16866>) \n**DESCRIPTION:** systemd could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read in journald. By sending specially-crafted command arguments, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155360> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-16865](<https://vulners.com/cve/CVE-2018-16865>) \n**DESCRIPTION:** systemd is vulnerable to a denial of service, caused by a memory corruption flaw when calling the alloca function. By sending specially-crafted command arguments, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155359> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-16864](<https://vulners.com/cve/CVE-2018-16864>) \n**DESCRIPTION:** systemd is vulnerable to a denial of service, caused by a memory corruption flaw when calling the syslog function. By sending specially-crafted command arguments, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155358> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-6250](<https://vulners.com/cve/CVE-2019-6250>) \n**DESCRIPTION:** ZeroMQ libzmq could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow in the src/v2_decoder.cpp. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155542> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19788](<https://vulners.com/cve/CVE-2018-19788>) \n**DESCRIPTION:** PolicyKit could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user authorization. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary systemctl commands on the system. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153644> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19628](<https://vulners.com/cve/CVE-2018-19628>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a divide-by-zero flaw in the ZigBee ZCL dissector. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153528> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19627](<https://vulners.com/cve/CVE-2018-19627>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the IxVeriWave file parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153527> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-18226](<https://vulners.com/cve/CVE-2018-18226>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the Steam IHS Discovery dissector in epan/dissectors/packet-steam-ihs-discovery.c. By persuading a victim to open a specially-crafted packet, a remote attacker could exploit this vulnerability to consume system memory. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151241> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-18225](<https://vulners.com/cve/CVE-2018-18225>) \n**DESCRIPTION:** Wireshark is vulnerable to a denial of service, caused by a flaw in the CoAP dissector in epan/dissectors/packet-coap.c. By persuading a victim to open a specially-crafted packet, a remote attacker could exploit this vulnerability to consume system memory. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151242> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12086](<https://vulners.com/cve/CVE-2018-12086>) \n**DESCRIPTION:** OPC Foundation UA applications is vulnerable to a denial of service, caused by a buffer overflow. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150147> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-16866](<https://vulners.com/cve/CVE-2018-16866>) \n**DESCRIPTION:** systemd could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read in journald. By sending specially-crafted command arguments, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155360> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-16865](<https://vulners.com/cve/CVE-2018-16865>) \n**DESCRIPTION:** systemd is vulnerable to a denial of service, caused by a memory corruption flaw when calling the alloca function. By sending specially-crafted command arguments, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155359> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-16864](<https://vulners.com/cve/CVE-2018-16864>) \n**DESCRIPTION:** systemd is vulnerable to a denial of service, caused by a memory corruption flaw when calling the syslog function. By sending specially-crafted command arguments, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155358> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-6250](<https://vulners.com/cve/CVE-2019-6250>) \n**DESCRIPTION:** ZeroMQ libzmq could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow in the src/v2_decoder.cpp. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155542> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19967](<https://vulners.com/cve/CVE-2018-19967>) \n**DESCRIPTION:** Xen is vulnerable to a denial of service, caused by an error when using instructions with the XACQUIRE prefix on the host physical memory range. A local attacker could exploit this vulnerability using HLE constructs to cause the CPU to hang and lock up the host. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152603> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19965](<https://vulners.com/cve/CVE-2018-19965>) \n**DESCRIPTION:** Xen is vulnerable to a denial of service, caused by an error from attempting to use INVPCID with a non-canonical address. A local attacker could exploit this vulnerability to cause the host to crash. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153185> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19962](<https://vulners.com/cve/CVE-2018-19962>) \n**DESCRIPTION:** Xen could allow a local attacker to gain elevated privileges on the system, caused by the improper combining of small IOMMU mappings into larger ones. An attacker could exploit this vulnerability to gain host OS privileges. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153188> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19961](<https://vulners.com/cve/CVE-2018-19961>) \n**DESCRIPTION:** Xen could allow a local attacker to gain elevated privileges on the system, caused by an error when TLB flushes do not always occur after IOMMU mapping changes. An attacker could exploit this vulnerability to gain host OS privileges. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-3462](<https://vulners.com/cve/CVE-2019-3462>) \n**DESCRIPTION:** Advanced Package Tool (APT) package manager, used by many major Linux distributions, could allow a remote attacker to execute arbitrary code on the system, caused by the improper validation of certain parameters during HTTP redirects. An attacker could exploit this vulnerability using man-in-the-middle techniques to inject malicious content in the HTTP transport method to trick the system into installing altered packages and execute arbitrary code with root privileges. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155966> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19967](<https://vulners.com/cve/CVE-2018-19967>) \n**DESCRIPTION:** Xen is vulnerable to a denial of service, caused by an error when using instructions with the XACQUIRE prefix on the host physical memory range. A local attacker could exploit this vulnerability using HLE constructs to cause the CPU to hang and lock up the host. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152603> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19965](<https://vulners.com/cve/CVE-2018-19965>) \n**DESCRIPTION:** Xen is vulnerable to a denial of service, caused by an error from attempting to use INVPCID with a non-canonical address. A local attacker could exploit this vulnerability to cause the host to crash. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153185> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-19962](<https://vulners.com/cve/CVE-2018-19962>) \n**DESCRIPTION:** Xen could allow a local attacker to gain elevated privileges on the system, caused by the improper combining of small IOMMU mappings into larger ones. An attacker could exploit this vulnerability to gain host OS privileges. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153188> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-19961](<https://vulners.com/cve/CVE-2018-19961>) \n**DESCRIPTION:** Xen could allow a local attacker to gain elevated privileges on the system, caused by an error when TLB flushes do not always occur after IOMMU mapping changes. An attacker could exploit this vulnerability to gain host OS privileges. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-3462](<https://vulners.com/cve/CVE-2019-3462>) \n**DESCRIPTION:** Advanced Package Tool (APT) package manager, used by many major Linux distributions, could allow a remote attacker to execute arbitrary code on the system, caused by the improper validation of certain parameters during HTTP redirects. An attacker could exploit this vulnerability using man-in-the-middle techniques to inject malicious content in the HTTP transport method to trick the system into installing altered packages and execute arbitrary code with root privileges. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155966> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-0737](<https://vulners.com/cve/CVE-2018-0737>) \n**DESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a cache-timing side channel attack in the RSA Key generation algorithm. An attacker with access to mount cache timing attacks during the RSA key generation process could exploit this vulnerability to recover the private key and obtain sensitive information. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141679> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0732](<https://vulners.com/cve/CVE-2018-0732>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-0737](<https://vulners.com/cve/CVE-2018-0737>) \n**DESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a cache-timing side channel attack in the RSA Key generation algorithm. An attacker with access to mount cache timing attacks during the RSA key generation process could exploit this vulnerability to recover the private key and obtain sensitive information. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141679> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0732](<https://vulners.com/cve/CVE-2018-0732>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU''s internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-19966](<https://vulners.com/cve/CVE-2018-19966>) \n**DESCRIPTION:** Xen is vulnerable to a denial of service, caused by a conflict between mitigation for PV guests and shadow paging. A local attacker could exploit this vulnerability to cause the host to crash. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153184> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nVRA - Vyatta 5600\n\n## Remediation/Fixes\n\nPlease contact IBM Cloud Support to request that the ISO for the 1801-v be pushed to your Vyatta system. Users will need to apply the upgraded code according to their defined processes (for example during a defined maintenance window).\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Product\":{\"code\":\"SSH5QD\",\"label\":\"Vyatta 5600\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "published": "2019-04-18T16:40:01", "modified": "2019-04-18T16:40:01", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/881778", "reporter": "IBM", "references": [], "cvelist": ["CVE-2017-11613", "CVE-2017-17095", "CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-10963", "CVE-2018-12086", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-1710", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18557", "CVE-2018-19627", "CVE-2018-19628", "CVE-2018-19788", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966", "CVE-2018-19967", "CVE-2018-5407", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905", "CVE-2019-3462", "CVE-2019-6250"], "immutableFields": [], "lastseen": "2023-02-23T21:47:35", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY27.ASC", "OPENSSL_ADVISORY28.ASC", "OPENSSL_ADVISORY29.ASC"]}, {"type": "amazon", "idList": ["ALAS-2018-1000", "ALAS-2018-1098", "ALAS-2019-1153", "ALAS-2019-1188", "ALAS-2019-1306", "ALAS2-2018-1004", "ALAS2-2018-1102", "ALAS2-2019-1141", "ALAS2-2019-1153", "ALAS2-2019-1160", "ALAS2-2019-1188", "ALAS2-2019-1327", "ALAS2-2019-1331", "ALAS2-2019-1345", "ALAS2-2019-1362", "ALAS2-2021-1643", "ALAS2-2021-1647"]}, {"type": "archlinux", "idList": ["ASA-201810-9", "ASA-201811-17", "ASA-201811-18", "ASA-201812-3", "ASA-201812-5", "ASA-201812-6", "ASA-201812-7", "ASA-201812-8", "ASA-201901-2", "ASA-201901-4", "ASA-201901-9"]}, {"type": "avleonov", "idList": ["AVLEONOV:101A90D5F21CD7ACE01781C2913D1B6D"]}, {"type": "broadcom", "idList": ["BSA-2022-627"]}, {"type": "centos", "idList": ["CESA-2018:3221", "CESA-2019:0049", "CESA-2019:0201", "CESA-2019:0483", "CESA-2019:2046", "CESA-2019:2051", "CESA-2019:2053", "CESA-2019:2091", "CESA-2019:2125", "CESA-2019:2304"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-1596", "CPAI-2019-0075", "CPAI-2019-0250", "CPAI-2019-0253", "CPAI-2019-0301"]}, {"type": "citrix", "idList": ["CTX239432"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:419C347150598833F1C493E269FE4871", "CFOUNDRY:B1BFB1BD3BA9A90D6CA66F05AB2DCBAE", "CFOUNDRY:B5964D2AB72D599E586D491432260541", "CFOUNDRY:B5D83AC354415BC5963DDEA25217434D", "CFOUNDRY:BDB6F8275A06CC11A9EB2C43CBB82E42", "CFOUNDRY:C768FE56A2CAF17D23742FB506948084", "CFOUNDRY:DCF842DDD89D1624E7B2FFAA64957639", "CFOUNDRY:EFC04687630119FCBBD9AD5BD4734A0F"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632262317"]}, {"type": "cnvd", "idList": ["CNVD-2022-64486"]}, {"type": "cve", "idList": ["CVE-2017-11613", "CVE-2017-17095", "CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-10963", "CVE-2018-12086", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-1710", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18557", "CVE-2018-19627", "CVE-2018-19628", "CVE-2018-19788", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966", "CVE-2018-19967", "CVE-2018-5407", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905", "CVE-2019-3462", "CVE-2019-3815", "CVE-2019-6250", "CVE-2020-11091"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1346-1:1B772", "DEBIAN:DLA-1346-1:1C03A", "DEBIAN:DLA-1347-1:5B7B5", "DEBIAN:DLA-1347-1:AD24F", "DEBIAN:DLA-1377-1:5B4BA", "DEBIAN:DLA-1377-1:D306A", "DEBIAN:DLA-1378-1:A6EC0", "DEBIAN:DLA-1378-1:B3144", "DEBIAN:DLA-1391-1:510FC", "DEBIAN:DLA-1391-1:9EF01", "DEBIAN:DLA-1411-1:A79C4", "DEBIAN:DLA-1411-1:EBCC1", "DEBIAN:DLA-1449-1:6B9AF", "DEBIAN:DLA-1449-1:EF247", "DEBIAN:DLA-1557-1:89690", "DEBIAN:DLA-1586-1:00096", "DEBIAN:DLA-1637-1:575F5", "DEBIAN:DLA-1637-1:93B1E", "DEBIAN:DLA-1637-1:9E21E", "DEBIAN:DLA-1637-1:A6957", "DEBIAN:DLA-1639-1:E2273", "DEBIAN:DLA-1644-1:60A38", "DEBIAN:DLA-1644-1:F7007", "DEBIAN:DLA-1711-1:DE671", "DEBIAN:DLA-1711-1:E8CC3", "DEBIAN:DLA-1949-1:95A46", "DEBIAN:DLA-2009-1:97403", "DEBIAN:DSA-4348-1:05673", "DEBIAN:DSA-4349-1:DA7EF", "DEBIAN:DSA-4350-1:F0E6F", "DEBIAN:DSA-4355-1:1415E", "DEBIAN:DSA-4359-1:68CD3", "DEBIAN:DSA-4367-1:3D2E5", "DEBIAN:DSA-4367-1:BF4F4", "DEBIAN:DSA-4368-1:7CC0F", "DEBIAN:DSA-4369-1:07573", "DEBIAN:DSA-4371-1:FF7D6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-11613", "DEBIANCVE:CVE-2017-17095", "DEBIANCVE:CVE-2018-0732", "DEBIANCVE:CVE-2018-0734", "DEBIANCVE:CVE-2018-0735", "DEBIANCVE:CVE-2018-0737", "DEBIANCVE:CVE-2018-10963", "DEBIANCVE:CVE-2018-12086", "DEBIANCVE:CVE-2018-15209", "DEBIANCVE:CVE-2018-16335", "DEBIANCVE:CVE-2018-16864", "DEBIANCVE:CVE-2018-16865", "DEBIANCVE:CVE-2018-16866", "DEBIANCVE:CVE-2018-18225", "DEBIANCVE:CVE-2018-18226", "DEBIANCVE:CVE-2018-18557", "DEBIANCVE:CVE-2018-19627", "DEBIANCVE:CVE-2018-19628", "DEBIANCVE:CVE-2018-19788", "DEBIANCVE:CVE-2018-19961", "DEBIANCVE:CVE-2018-19962", "DEBIANCVE:CVE-2018-19965", "DEBIANCVE:CVE-2018-19966", "DEBIANCVE:CVE-2018-19967", "DEBIANCVE:CVE-2018-5407", "DEBIANCVE:CVE-2018-5784", "DEBIANCVE:CVE-2018-7456", "DEBIANCVE:CVE-2018-8905", "DEBIANCVE:CVE-2019-3462", "DEBIANCVE:CVE-2019-3815", "DEBIANCVE:CVE-2019-6250"]}, {"type": "exploitdb", "idList": ["EDB-ID:45785"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A973689D6080CBEE3C764AC41CE0B4D5"]}, {"type": "f5", "idList": ["F5:K04185528", "F5:K06044762", "F5:K21665601", "F5:K22040951", "F5:K22356857", "F5:K30683410", "F5:K43429502", "F5:K43741620", "F5:K49711130", "F5:K70117303", "F5:K91040959", "F5:K94133434"]}, {"type": "fedora", "idList": ["FEDORA:05CC8610B02D", "FEDORA:08AC0606CFA2", "FEDORA:1D3596042F2D", "FEDORA:1E6AC6079276", "FEDORA:2BC6B6076968", "FEDORA:3617360769EA", "FEDORA:3716960460DF", "FEDORA:394456047310", "FEDORA:4413B6120A17", "FEDORA:471E6607126F", "FEDORA:4E0E1604D2DA", "FEDORA:501B260EC97D", "FEDORA:5267F604C2BD", "FEDORA:67D5B602F037", "FEDORA:69A7A604D2CE", "FEDORA:6F712609154B", "FEDORA:830BA60779B9", "FEDORA:87EA260C6161", "FEDORA:8C18D60CC4DB", "FEDORA:8D9BA60468B9", "FEDORA:9A70A612DEE8", "FEDORA:A65C46509BD7", "FEDORA:AB5346014BB3", "FEDORA:AFDBD60E76E0", "FEDORA:B0007604D9B4", "FEDORA:B56AC605DCD2", "FEDORA:BB0F9605F088", "FEDORA:BED2C6068713", "FEDORA:C30656062E50", "FEDORA:C5613607A3CF", "FEDORA:C8F726082DB8", "FEDORA:CF74160AEBD4", "FEDORA:D013361742CE", "FEDORA:D16B26094E7B", "FEDORA:D208C60874AA", "FEDORA:D752B601C826", "FEDORA:E1F03604CCFB", "FEDORA:E66CE6076F5E", "FEDORA:E77A46090E70", "FEDORA:EA1BA60A9A95"]}, {"type": "freebsd", "idList": ["0904E81F-A89D-11E8-AFBB-BC5FF4F77B71", "238AE7DE-DBA2-11E8-B713-B499BAEBFEAF", "2A86F45A-FC3C-11E8-A414-00155D006B02", "6F170CF2-E6B7-11E8-A9A8-B499BAEBFEAF", "8E48365A-214D-11E9-9F8A-0050562A4D7B", "8F353420-4197-11E8-8777-B499BAEBFEAF", "C82ECAC5-6E3F-11E8-8777-B499BAEBFEAF"]}, {"type": "gentoo", "idList": ["GLSA-201811-03", "GLSA-201811-21", "GLSA-201903-07", "GLSA-201903-10", "GLSA-201903-22", "GLSA-201904-15", "GLSA-201908-14", "GLSA-202003-25"]}, {"type": "github", "idList": ["GHSA-59QG-GRP7-5R73", "GHSA-782P-53WQ-CXMJ"]}, {"type": "hackerone", "idList": ["H1:364964", "H1:477073", "H1:819717"]}, {"type": "hp", "idList": ["HP:C06179472"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20181212-01-CACHE"]}, {"type": "ibm", "idList": ["0A5B13C8983BE4491518367535A0427B2CBE5B0B75C8384C4657D2E9D8B12509", "0CA188EFC7CDADE90601F290707CAA5BD78A8BC55F51F5FEBB8DE6973755F589", "0EE6D6218450CBB90429540D9FE611B8C2F3A999EBD2EBC6D9062EA9EEC2DB09", "0F0A825C07A03880DD39EA5C5014BCE8191E8BEC536CC2446F889DF92FF626E7", "1718B068186F074A8BEAB75FE19E004C6905FFDD9A62AFCE1EB50FB9FF7CC764", "1753BC62442BE4CF992F4D8242EB34368CF93CCB6BB6464B1B6744B5BFB4A859", "17D7D828B3E6A9F1E9C0A8E814E614CE20018EC729DD0927FA998FB80F5932E6", "1CF4DF59D95DCE9E928A40113C23889474EEB490805691F3A20844F7C3E7E8C4", "1EE6A9FE4BA67B644CF284DD602D2172C5B63FD07D6A0117C4A372E7C9EF1921", "1EE8179E7306BC22EA2DAC35B20FCC9F61017EC7C0F3E0F23878FD248FDCBF5C", "1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "1FE8CBFD143AEE75B9E3E758B04FAAEB9E0299C133474FCE02F7561E2C393562", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "231E423B28752DD6263DBEC8D8F06E8A6EC0C4DA14543D958731A02C8193E5EE", "23FB85E4A4524EAF001F53197F29C0F104443FA007C725351B59D636C5772DBB", "2781352DDABD04472A60AF63C2C53E5BD309AE38F103165B7AB8627F1EADB57E", "285F9BF0EA13439680572DA9FF47D0280AF7DF1BB82847134FC2B0DCB6325C22", "2938738DF3DDBB63A043DF986F34D6A71B49D913722E7B5256E7CB282FB094AD", "2CB506A94738DFBB431632CE3D9915F6D234C784303B80AC974DE0F7A1C637C9", "2CFF419F7EEB85DC018012960296DE833DF10413DC7BD1B5D804985583C4E2CA", "2E02CFA370343A3C7EEAC334E531C7CFAEA239C1B84CCF33ED5FCA261F338F03", "2EE525D2EA98139EECBD98B625477DDDD5A658E5F81D79BC18E2A76F2D1FAAC6", "2F6DCE2C99CCDBE682ED08A9421CED8979F6A988BEE9A17025F9CD412547C8CE", "2FBFC8754472F738C7AE8FA2FE0E40CE57F32871B6806A87607793EA6E977399", "31ADB6C8E8FF600D11DB6D7A8786A3E889599DA69349D9CD7C480130A5790D3C", "3495F9B812339D5B1BD78637C1F420145AAD93AFB44B6E35782DE0160CF7211B", "35CE36470C6858208CBE35C645C86A8D11D93A44B60AA51330017D13664912F6", "396101D065CD03063D3EDD8ECD4D04328593EA9E668CA28B3D46C33D8DBC0CD3", "3C65676BB318E7F626C40886AE1DA0CDBF3A57C601ABE8A15883EA7D4C7A0F96", "3D3BF59CC576F554C3F716540167D85670B56CE61C0AA690764AE05CC62E23C5", "3F517C6EB3F580D15A8688927C2FEDE369F340156A939E9A19A6F6469765380E", "3F709EA726EB2BD99A9BF0A52B5FBF758B042727BAB188CBB7DC446E3FE28E4C", "3F9F8F4832E2C9540EEE2DE7A8990AC60FA7592E705F735C05D36CB15E03989D", "414CD2ED8A4DB39966322AAA5EC3E25F6665F6B43B7145FD3AAB4B99AEF6A15C", "41D74490768E1FEA65BA04768E1BBABF9B0B30814EAF5BAAE6962979F0600776", "41DDC82A157023E312F96344BBA7783A54EA393826891156E038C3C2F4900D76", "42B553A5257DBCE0553E09359217D9B58850595C4F83DD12BEB3762A7D09FF2D", "431382DB113A5AA827C6DF689025451816886598A8DBE3FF020843B5C1B983BE", "43354655A73B799F71F60AEA52DAD1D75E6E63CDBD03EA7A4682B6B8C07D3615", "473B42A0AD3ADFD11193F1FA0491433B6C2F49AB442C2703D8ED509C2300C6D6", "4740D31DDDB60D6591786B0C7BECFA2FC57E0C921AAEB32D15BD10AC2E70469A", "47DDA2A418E0FF6C96DFB84335DCAEDE1A8B3CE26DF31660F71744BC1ABD71AE", "47E4120B9285789AC2F5A2D577CA4BE3452EDD04208DFB9AE539ADF65FAE5391", "4B06DA3E8A1BA9BB2F9A26A1D2FDDC88BD32F7007691DE07AB36ED891AD85988", "4BD0A578AC85BE4A404D10EC419136C4CE32988E7B285336E8F81B41BC84892B", "4C79E288BC340613D1B1B84DD16C4C5D8F508A64A400E10BDCB88A06FA574EDF", "50125E27447170BE98036399FE253A8FC89AB90C88039855C5EB3DF65F56614B", "54FB6726805D886796865FF32608051BEE914B969DCB3300B1E662574A92A04E", "55DC0E3C026178E5F61BF57A45946FCB60AE3F058FC5FB886D807736D5B573D2", "5A23BE34322F36780B2821378B1628B3331997E99E3A9C4B3B0067399EEBC3F5", "5DC1D4450F2C10180A54188407BC570F1264B8BCF3369F25AFDDF5EC5E93DA09", "5E0E32B39EEDE0FD2DF597014A313B4760C8CCD85774132829C4BB7B6A2ECEEF", "5F3E26ED26EA2394AEF8CFD57D8113E0E0F4266C1E583DF03C0980A9BE5A932E", "5F957B5E06ACCABE54D87CD6147B8E68B673F925251FED25DCB9B0E9A50E046A", "618977912AAF0DCA5FBB71864A1A9D187CC967B0E0C5867770412440259ACE09", "633101892424998D20120B3DD7F6989828A31FA0294F49F44921A8AC25511C41", "66085D7F9CED2307611DE0A2C699D11FC2C6F022E835E9DA63DBB97E0B78CA23", "6725498E60BAE87422EAF3456CE0CDB09BA37F2486FF5387F29D50C5D6450CFE", "6AFE0225FF449F7A6AD90F9665790E82664E148663D54920693EFD869839FCE0", "6C936525CC05B74329AB8247175C9D1ED80298555690B448306C6F657CE244B2", "6F6768C352D35E635941DEB363A246932AED6F313203D35ADA25B85FA350C55A", "6FF75962CB7DDD7579E6FD1A7074307D64F2739B039FDA656F0F483D64BA1F23", "70A3DA093ABDE18F72C315FEE3BB4BF5BC15B78D8580EF9CAE5E47A72E111EE0", "732500E18BE7C9ED830D9D2C86A1F758E95A1A12A09BE8FE102B75F50E6A1E5B", "742A5EE5095C2D25FD4C21E1BCFF447C64FB309C1797EDABFD78DFF9772CD9C4", "7B753C368ACA27C22C23CCCF0ADAC34B8D0ABE013F91E91F77FAA106033ADC8E", "7CFB9BE2DA6D94FEBCA1C4AA8CF9F47ECB13D1F735997F5255B4A85A3E13B4E7", "81B43D7CFC92C499BCB5A612BA8889A175C9862AB5DCCB9C95EB8CAB818B2D5F", "82210BD4F424EF00588141E5FD63C4C6C29D49F0E7BDFE7C1D44F4A5ED88465A", "824ADAF8E5DE88375EFC5412C86554019A1D20AE993BF46D6E6A634FA7987D24", "82A5F2C9706BD66C797BC6A7F8BACE57F9828B34609CF0365037187895397090", "84BB486A16164E9E9FFD8E6D5DA45CDDD2999475349031D618B321E598A27C51", "859E9503503A634C300E460C2F12FCA56E167B475CCBFA01CFD35167C415E188", "85A9CCC329280354A0F8271CF2AC6C4D6A82AF417642C72236CF8B3B9902B024", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "8C0129814949D722F2963CAFBD1856188A64AE8EEC7A15813CEE888467B6FB34", "8CB9D0387141654C3CF6D4DE9206C4786C02BFC2860F29D379CC3D78BAF86A49", "8FC34A0E6146DFD832B9B42867CB12205D41BFE933E8EDE61DFDAE06C5339ABC", "9015B3024053E33993F6C31216DAD607F6216CD5AC759977FCFEA2292D1A3F6D", "9304092E63FBA16253D493D2E1E4C422EF1498D05C9ADDCBBA838C3C29B1EF87", "99E8EFD982702D0DA3B71A579F8DE7ED0EE792CBC5A6CC73A7B091F68F5F71F4", "A1547A458E01103818454427D9CBF914A72D3F13D80277B6658A6A2B4E85543C", "A2517EC145D95278A8866855009EC2BCF9A702C6A9E1E46B6A3EC8B8660ED5CE", "A4829964562D4DA75AC835389538AF91BE820F503BFE614BB74E402BC80BACA1", "AC937FC2D06F7497A7DAE7DB8BAA56276E0A32D9882D10507A01E8A788B2E77C", "AF1B7F69319D99120AB2CC7B05E220642F57066BEA685FEF87055B6FE861FE45", "AFC88E550B6899AB50B41FE6D888AB57146D76F8E3B4D34C479A605C233ED6FB", "B3446AFA47BD664B99B6DC653C6AF10D8AFCE06B43C0C23D364D628FAD4130CA", "B3E6D054507AB3B2747CD81EF1321A37C5EECBBAA25C47BEBF1156723BC9BC6F", "B645A1884F55B8D23E89889934405E297A29DD4C710A7CC08A400CAB85EC2792", "B9E9CED15D52245923C5C522920522901C04440B4FB14B24474C1033AA731D66", "BBE7FF4DAEA8010E181E474400E4894F3A3C3629A390D248B35972338EC21A14", "BC2283C42C5754BA56D4B137D9299A766BC1E54917CDB4BD5C57BE600AAD1E60", "BC6791BE1BE27712E7F93A3CF6425D4DFC9F597812F25D8188ADDCC84186E81E", "C33A3EA0A894FC142F79013DE2B47A32ABDD698A23D88250CBA254A8EE181DAC", "CC5089F9744A6B5AF776C8A1234A9BCA32E0798D396B5C631C8D215B02EA08AB", "CC522CEFDA1CDA2D6A41F4CEB23188FCDCB5B9C7684188F7ACD43070E2E91B27", "CC90511999CDCFF078D628EABBA53FB2DAD95FDB412A61D2D60AF25820C65A9B", "CD89E62E061E2DB346452CB6F3ADA1C2F77A9A0CAF6EDE19D5644E0E19870A46", "CEEF59A551C3AFEE61046BE5D2CE2C317337786EB04B404FBE60DBD7BCD0A90D", "D1CE2D9E2B9A3419FE3C9AB3A447623523F119DE8D1288401E98053F1834B378", "D2104DCF6D54F521E7CB0EE6FF8345E3D8D09F16610E41A8AFC827D663F63D7C", "D272B1ACFC08FB00F71DAECEAF120EF8F47B4AA0F575849F81F09FF6E35CBFB5", "D454B083C2F6C01D5FB789AAD7FBA7EC3275CE75337FDA7E432D981B6497D940", "D5FAA4D531F2C77FCA796CDBE24E353B88AF07EF4901D113FCF9A8A7AA86B84A", "DB77FA682E1C424D5DC75EF1D7E867B818764A3DCA318FD78F7BB076B3F08B21", "DC3AF6BC1F25ACFCE5025C6EBCDDF8639AE9C29FC2AD2069B5ADB56738E565BE", "DC9E5D6FE6B88F5D89DB03218074A114E27EE0F2AD7860DAF0C76ACBE1476BE5", "DD47B4552E11B2F2EB65F3C1C6571A088D9607DD2592022E7183BE7773571CDA", "E24545639D10A648BCB6D9F4AAE7525E072A1C6A4E5448AFD0E797BA58867591", "E27CF59C9E2E6C51C822E91F4392208E7D3759A654890A485CF9095C81FD8C05", "E6FCDAF229D9B08B47522BF5A52A247A437CC2DC9C2822EEE2F847066D8AF4D4", "E79BC6C34DAD829FAB4182BB79212B7400A2BCB673A1FFCDE7E446FA6EFAF11B", "E7F636A27638AC94395F093FEC504E57FEDAADB77E04FEB152B79FE3736BBB84", "E84103203BFA1B36218CCDE369C2BBCCD152D2AD6B7B2E3DFF1E7CB95ABB6E90", "E9F526279967C49905FC615BE4B623F1E1673884718AFE186BA43E5FCA0DB5EE", "EBACE003ECE04EFB687B32B1C56A8544D399C6F6EF5AD3DF3696388A24535AAB", "EBBF00D1C8DFAC2AF76D93E0B377EBA032F2F9F1AAFD2C87CD6605C0927AEA08", "EF8BCCAA9DAA84FFDF67B2B605E8F5219EBA4E7EDAA69B40EA2B0BCFC1D1C708", "F076572D51F6FA773F2EE1CFD786E38C65FE2769E50B4681E53C22C366D4CAD2", "F17C09CA9366DB4B46C2D2458B4B0B2F150A45007792754545A5B15C91CA9BBA", "F3E828A110F6286563EC4AB88047BFE6A226087FA154E15D29BE64E79A0A80F0", "F5E4E7E94A5B5416B7962B49F2B3AB24AF78940915813B594DD105945CECD269", "F5FE69C711C352F19B25282CC284084A78FE3478FA6E88CE4A5FADA3AE8C466F", "F7980932C2678735C2BC72D859D9BE9BD6A2E613155F6CE731318CF3B17871DA", "F872F8566F9FD82E04F4F560133262995FD83D6A264C910C9967DE1B18E27727", "FA72645AEA039BA3B00779CC846F404BEAFC0CD1CF57E01D9602CBEC8B491F79", "FDF6E8F7CD2218245453540A985C40ED7D9C20F3F61D50E98DA8EC923B1A387A", "FEDCA267965BBB9468CAE56A08FFCE9E72E44378F7136A8300FF61E129DBD9CE", "FEDE4F7915CF8E683DBC7AB56D68872D5740EF9C5D19FED52B140130771052A2"]}, {"type": "ics", "idList": ["ICSA-21-159-08"]}, {"type": "kaspersky", "idList": ["KLA11337", "KLA11339", "KLA11377", "KLA11405"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "mageia", "idList": ["MGASA-2018-0109", "MGASA-2018-0180", "MGASA-2018-0208", "MGASA-2018-0246", "MGASA-2018-0365", "MGASA-2018-0437", "MGASA-2018-0470", "MGASA-2018-0493", "MGASA-2019-0054"]}, {"type": "myhack58", "idList": ["MYHACK58:62201992676"]}, {"type": "nessus", "idList": ["700390.PRM", "700391.PRM", "700392.PRM", "700623.PRM", "700628.PRM", "700630.PRM", "700631.PRM", "AIX_OPENSSL_ADVISORY27.NASL", "AIX_OPENSSL_ADVISORY28.NASL", "AIX_OPENSSL_ADVISORY29.NASL", "AL2_ALAS-2018-1004.NASL", "AL2_ALAS-2018-1102.NASL", "AL2_ALAS-2019-1141.NASL", "AL2_ALAS-2019-1153.NASL", "AL2_ALAS-2019-1160.NASL", "AL2_ALAS-2019-1188.NASL", "AL2_ALAS-2019-1327.NASL", "AL2_ALAS-2019-1331.NASL", "AL2_ALAS-2019-1345.NASL", "AL2_ALAS-2019-1362.NASL", "AL2_ALAS-2021-1643.NASL", "AL2_ALAS-2021-1647.NASL", "ALA_ALAS-2018-1000.NASL", "ALA_ALAS-2018-1098.NASL", "ALA_ALAS-2019-1153.NASL", "ALA_ALAS-2019-1188.NASL", "ALA_ALAS-2019-1306.NASL", "CENTOS8_RHSA-2019-3700.NASL", "CENTOS_RHSA-2018-3221.NASL", "CENTOS_RHSA-2019-0049.NASL", "CENTOS_RHSA-2019-0201.NASL", "CENTOS_RHSA-2019-0483.NASL", "CENTOS_RHSA-2019-2046.NASL", "CENTOS_RHSA-2019-2051.NASL", "CENTOS_RHSA-2019-2053.NASL", "CENTOS_RHSA-2019-2091.NASL", "CENTOS_RHSA-2019-2125.NASL", "CENTOS_RHSA-2019-2304.NASL", "CITRIX_XENSERVER_CTX239432.NASL", "DEBIAN_DLA-1346.NASL", "DEBIAN_DLA-1347.NASL", "DEBIAN_DLA-1377.NASL", "DEBIAN_DLA-1378.NASL", "DEBIAN_DLA-1391.NASL", "DEBIAN_DLA-1411.NASL", "DEBIAN_DLA-1449.NASL", "DEBIAN_DLA-1557.NASL", "DEBIAN_DLA-1586.NASL", "DEBIAN_DLA-1637.NASL", "DEBIAN_DLA-1639.NASL", "DEBIAN_DLA-1644.NASL", "DEBIAN_DLA-1711.NASL", "DEBIAN_DLA-1949.NASL", "DEBIAN_DLA-2009.NASL", "DEBIAN_DSA-4348.NASL", "DEBIAN_DSA-4349.NASL", "DEBIAN_DSA-4350.NASL", "DEBIAN_DSA-4355.NASL", "DEBIAN_DSA-4359.NASL", "DEBIAN_DSA-4367.NASL", "DEBIAN_DSA-4368.NASL", "DEBIAN_DSA-4369.NASL", "DEBIAN_DSA-4371.NASL", "EULEROS_SA-2018-1214.NASL", "EULEROS_SA-2018-1306.NASL", "EULEROS_SA-2018-1383.NASL", "EULEROS_SA-2018-1392.NASL", "EULEROS_SA-2018-1420.NASL", "EULEROS_SA-2018-1434.NASL", "EULEROS_SA-2019-1009.NASL", "EULEROS_SA-2019-1045.NASL", "EULEROS_SA-2019-1060.NASL", "EULEROS_SA-2019-1084.NASL", "EULEROS_SA-2019-1107.NASL", "EULEROS_SA-2019-1128.NASL", "EULEROS_SA-2019-1145.NASL", "EULEROS_SA-2019-1164.NASL", "EULEROS_SA-2019-1185.NASL", "EULEROS_SA-2019-1201.NASL", "EULEROS_SA-2019-1227.NASL", "EULEROS_SA-2019-1233.NASL", "EULEROS_SA-2019-1242.NASL", "EULEROS_SA-2019-1267.NASL", "EULEROS_SA-2019-1326.NASL", "EULEROS_SA-2019-1400.NASL", "EULEROS_SA-2019-1412.NASL", "EULEROS_SA-2019-1416.NASL", "EULEROS_SA-2019-1546.NASL", "EULEROS_SA-2019-1643.NASL", "EULEROS_SA-2019-1654.NASL", "EULEROS_SA-2019-1656.NASL", "EULEROS_SA-2019-1732.NASL", "EULEROS_SA-2019-1748.NASL", "EULEROS_SA-2019-1752.NASL", "EULEROS_SA-2019-1755.NASL", "EULEROS_SA-2019-1785.NASL", "EULEROS_SA-2019-1807.NASL", "EULEROS_SA-2019-1828.NASL", "EULEROS_SA-2019-1857.NASL", "EULEROS_SA-2019-1937.NASL", "EULEROS_SA-2019-1943.NASL", "EULEROS_SA-2019-1981.NASL", "EULEROS_SA-2019-1998.NASL", "EULEROS_SA-2019-2008.NASL", "EULEROS_SA-2019-2042.NASL", "EULEROS_SA-2019-2056.NASL", "EULEROS_SA-2019-2133.NASL", "EULEROS_SA-2019-2209.NASL", "EULEROS_SA-2019-2218.NASL", "EULEROS_SA-2019-2223.NASL", "EULEROS_SA-2019-2232.NASL", "EULEROS_SA-2019-2244.NASL", "EULEROS_SA-2019-2265.NASL", "EULEROS_SA-2019-2314.NASL", "EULEROS_SA-2019-2430.NASL", "EULEROS_SA-2019-2466.NASL", "EULEROS_SA-2019-2621.NASL", "EULEROS_SA-2020-1193.NASL", "EULEROS_SA-2020-1216.NASL", "EULEROS_SA-2020-1235.NASL", "EULEROS_SA-2020-1447.NASL", "EULEROS_SA-2020-1451.NASL", "EULEROS_SA-2020-1463.NASL", "EULEROS_SA-2020-1629.NASL", "EULEROS_SA-2020-1924.NASL", "EULEROS_SA-2020-1963.NASL", "EULEROS_SA-2020-2145.NASL", "EULEROS_SA-2020-2361.NASL", "EULEROS_SA-2020-2448.NASL", "EULEROS_SA-2021-2145.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "EULEROS_SA-2021-2758.NASL", "EULEROS_SA-2021-2785.NASL", "F5_BIGIP_SOL06044762.NASL", "F5_BIGIP_SOL21665601.NASL", "F5_BIGIP_SOL22040951.NASL", "F5_BIGIP_SOL49711130.NASL", "FEDORA_2018-02A38AF202.NASL", "FEDORA_2018-1B6CB1DF72.NASL", "FEDORA_2018-2F8696869E.NASL", "FEDORA_2018-335AEC0507.NASL", "FEDORA_2018-35D435F362.NASL", "FEDORA_2018-399BCE9F8F.NASL", "FEDORA_2018-44C6F91560.NASL", "FEDORA_2018-4AC3C68EE4.NASL", "FEDORA_2018-520E4C5B4E.NASL", "FEDORA_2018-67A6BF4AC1.NASL", "FEDORA_2018-7A0F7F5768.NASL", "FEDORA_2018-89413A04E0.NASL", "FEDORA_2018-9E0A37E7A2.NASL", "FEDORA_2018-BD18C784DE.NASL", "FEDORA_2018-C7A234C440.NASL", "FEDORA_2018-CB410A3812.NASL", "FEDORA_2018-D41D114D3E.NASL", "FEDORA_2018-E6A51E99A4.NASL", "FEDORA_2019-00C25B9379.NASL", "FEDORA_2019-18B3A10C7F.NASL", "FEDORA_2019-9A0A7C0986.NASL", "FEDORA_2019-A8FFCFF7EE.NASL", "FEDORA_2019-BCE6498890.NASL", "FEDORA_2019-DB06EFDEA1.NASL", "FREEBSD_PKG_0904E81FA89D11E8AFBBBC5FF4F77B71.NASL", "FREEBSD_PKG_238AE7DEDBA211E8B713B499BAEBFEAF.NASL", "FREEBSD_PKG_2A86F45AFC3C11E8A41400155D006B02.NASL", "FREEBSD_PKG_6F170CF2E6B711E8A9A8B499BAEBFEAF.NASL", "FREEBSD_PKG_8E48365A214D11E99F8A0050562A4D7B.NASL", "FREEBSD_PKG_8F353420419711E88777B499BAEBFEAF.NASL", "FREEBSD_PKG_C82ECAC56E3F11E88777B499BAEBFEAF.NASL", "GENTOO_GLSA-201811-03.NASL", "GENTOO_GLSA-201811-21.NASL", "GENTOO_GLSA-201903-07.NASL", "GENTOO_GLSA-201903-10.NASL", "GENTOO_GLSA-201903-22.NASL", "GENTOO_GLSA-201904-15.NASL", "GENTOO_GLSA-201908-14.NASL", "GENTOO_GLSA-202003-25.NASL", "IBM_TEM_9_5_12.NASL", "JUNIPER_JSA10919.NASL", "LCE_5_1_1.NASL", "MACOSX_WIRESHARK_2_4_11.NASL", "MACOSX_WIRESHARK_2_6_4.NASL", "MACOSX_WIRESHARK_2_6_5.NASL", "MYSQL_5_6_43.NASL", "MYSQL_5_7_25.NASL", "MYSQL_8_0_14.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_14.NASL", "NESSUS_TNS_2018_14.NASL", "NESSUS_TNS_2018_16.NASL", "NESSUS_TNS_2018_17.NASL", "NEWSTART_CGSL_NS-SA-2019-0051_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0057_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0065_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0185_LIBTIFF.NASL", "NEWSTART_CGSL_NS-SA-2019-0194_COMPAT-LIBTIFF3.NASL", "NEWSTART_CGSL_NS-SA-2019-0196_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0206_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0207_POLKIT.NASL", "NEWSTART_CGSL_NS-SA-2019-0218_OVMF.NASL", "NEWSTART_CGSL_NS-SA-2019-0227_LIBTIFF.NASL", "NEWSTART_CGSL_NS-SA-2019-0238_COMPAT-LIBTIFF3.NASL", "NEWSTART_CGSL_NS-SA-2019-0239_OVMF.NASL", "NEWSTART_CGSL_NS-SA-2019-0242_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0254_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0256_POLKIT.NASL", "NEWSTART_CGSL_NS-SA-2021-0180_OVMF.NASL", "NEWSTART_CGSL_NS-SA-2022-0009_OVMF.NASL", "NODEJS_2018_AUG.NASL", "NODEJS_2018_NOV.NASL", "NUTANIX_NXSA-AOS-5_10_9.NASL", "NUTANIX_NXSA-AOS-5_11_2.NASL", "NUTANIX_NXSA-AOS-5_16.NASL", "OPENSSL_1_0_2P.NASL", "OPENSSL_1_0_2Q.NASL", "OPENSSL_1_1_0I.NASL", "OPENSSL_1_1_0J.NASL", "OPENSSL_1_1_1A.NASL", "OPENSUSE-2018-1041.NASL", "OPENSUSE-2018-1047.NASL", "OPENSUSE-2018-1091.NASL", "OPENSUSE-2018-1109.NASL", "OPENSUSE-2018-1110.NASL", "OPENSUSE-2018-1238.NASL", "OPENSUSE-2018-1242.NASL", "OPENSUSE-2018-1249.NASL", "OPENSUSE-2018-1330.NASL", "OPENSUSE-2018-1464.NASL", "OPENSUSE-2018-1465.NASL", "OPENSUSE-2018-1479.NASL", "OPENSUSE-2018-1480.NASL", "OPENSUSE-2018-1518.NASL", "OPENSUSE-2018-1529.NASL", "OPENSUSE-2018-1530.NASL", "OPENSUSE-2018-1617.NASL", "OPENSUSE-2018-1620.NASL", "OPENSUSE-2018-1624.NASL", "OPENSUSE-2018-443.NASL", "OPENSUSE-2018-677.NASL", "OPENSUSE-2018-704.NASL", "OPENSUSE-2018-728.NASL", "OPENSUSE-2018-763.NASL", "OPENSUSE-2018-777.NASL", "OPENSUSE-2018-991.NASL", "OPENSUSE-2018-997.NASL", "OPENSUSE-2019-10.NASL", "OPENSUSE-2019-1045.NASL", "OPENSUSE-2019-1046.NASL", "OPENSUSE-2019-1199.NASL", "OPENSUSE-2019-1226.NASL", "OPENSUSE-2019-138.NASL", "OPENSUSE-2019-152.NASL", "OPENSUSE-2019-1547.NASL", "OPENSUSE-2019-1814.NASL", "OPENSUSE-2019-234.NASL", "OPENSUSE-2019-508.NASL", "OPENSUSE-2019-549.NASL", "OPENSUSE-2019-550.NASL", "OPENSUSE-2019-64.NASL", "OPENSUSE-2019-718.NASL", "OPENSUSE-2019-751.NASL", "OPENSUSE-2019-753.NASL", "OPENSUSE-2019-837.NASL", "OPENSUSE-2019-84.NASL", "OPENSUSE-2019-847.NASL", "OPENSUSE-2019-863.NASL", "OPENSUSE-2019-87.NASL", "OPENSUSE-2019-88.NASL", "OPENSUSE-2019-956.NASL", "OPENSUSE-2019-962.NASL", "OPENSUSE-2019-97.NASL", "OPENSUSE-2019-98.NASL", "OPENSUSE-2019-985.NASL", "OPENSUSE-2020-362.NASL", "OPENSUSE-2022-0480-1.NASL", "ORACLELINUX_ELSA-2018-3221.NASL", "ORACLELINUX_ELSA-2018-4248.NASL", "ORACLELINUX_ELSA-2018-4249.NASL", "ORACLELINUX_ELSA-2019-0049.NASL", "ORACLELINUX_ELSA-2019-0201.NASL", "ORACLELINUX_ELSA-2019-0483.NASL", "ORACLEVM_OVMSA-2019-0040.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "ORACLE_E-BUSINESS_CPU_APR_2019.NASL", "ORACLE_ENTERPRISE_MANAGER_APR_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JAN_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "ORACLE_OATS_CPU_JAN_2019.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_JAN_2019.NASL", "ORACLE_TUXEDO_CPU_APR_2019.NASL", "PALO_ALTO_PAN-SA-2018-0015.NASL", "PHOTONOS_PHSA-2018-1_0-0149.NASL", "PHOTONOS_PHSA-2018-1_0-0149_OPENSSL.NASL", "PHOTONOS_PHSA-2018-1_0-0175_OPENSSL.NASL", "PHOTONOS_PHSA-2018-1_0-0199_OPENSSL.NASL", "PHOTONOS_PHSA-2018-2_0-0017.NASL", "PHOTONOS_PHSA-2018-2_0-0017_LIBTIFF.NASL", "PHOTONOS_PHSA-2018-2_0-0039.NASL", "PHOTONOS_PHSA-2018-2_0-0039_LIBTIFF.NASL", "PHOTONOS_PHSA-2018-2_0-0048.NASL", "PHOTONOS_PHSA-2018-2_0-0048_LIBTIFF.NASL", "PHOTONOS_PHSA-2018-2_0-0060.NASL", "PHOTONOS_PHSA-2018-2_0-0060_LIBTIFF.NASL", "PHOTONOS_PHSA-2018-2_0-0078.NASL", "PHOTONOS_PHSA-2018-2_0-0078_OPENSSL.NASL", "PHOTONOS_PHSA-2018-2_0-0084.NASL", "PHOTONOS_PHSA-2018-2_0-0084_OPENSSL.NASL", "PHOTONOS_PHSA-2019-1_0-0205_SYSTEMD.NASL", "PHOTONOS_PHSA-2019-1_0-0227_POLKIT.NASL", "PHOTONOS_PHSA-2019-2_0-0118_LIBTIFF.NASL", "PHOTONOS_PHSA-2019-2_0-0153_POLKIT.NASL", "PHOTONOS_PHSA-2019-3_0-0026_ZEROMQ.NASL", "PHOTONOS_PHSA-2020-1_0-0298_NODEJS.NASL", "PHOTONOS_PHSA-2020-2_0-0210_NODEJS.NASL", "REDHAT-RHSA-2018-2552.NASL", "REDHAT-RHSA-2018-2553.NASL", "REDHAT-RHSA-2018-3221.NASL", "REDHAT-RHSA-2019-0049.NASL", "REDHAT-RHSA-2019-0201.NASL", "REDHAT-RHSA-2019-0204.NASL", "REDHAT-RHSA-2019-0271.NASL", "REDHAT-RHSA-2019-0342.NASL", "REDHAT-RHSA-2019-0361.NASL", "REDHAT-RHSA-2019-0483.NASL", "REDHAT-RHSA-2019-1297.NASL", "REDHAT-RHSA-2019-2046.NASL", "REDHAT-RHSA-2019-2051.NASL", "REDHAT-RHSA-2019-2053.NASL", "REDHAT-RHSA-2019-2091.NASL", "REDHAT-RHSA-2019-2125.NASL", "REDHAT-RHSA-2019-2304.NASL", "REDHAT-RHSA-2019-2402.NASL", "REDHAT-RHSA-2019-3222.NASL", "REDHAT-RHSA-2019-3232.NASL", "REDHAT-RHSA-2019-3700.NASL", "REDHAT-RHSA-2019-3929.NASL", "REDHAT-RHSA-2019-3932.NASL", "REDHAT-RHSA-2019-3933.NASL", "REDHAT-RHSA-2020-0593.NASL", "REDHAT-RHSA-2020-1264.NASL", "SECURITYCENTER_5_7_1_TNS_2018_12.NASL", "SLACKWARE_SSA_2018-226-01.NASL", "SLACKWARE_SSA_2018-316-01.NASL", "SLACKWARE_SSA_2018-325-01.NASL", "SL_20181030_OPENSSL_ON_SL7_X.NASL", "SL_20190114_SYSTEMD_ON_SL7_X.NASL", "SL_20190129_SYSTEMD_ON_SL7_X.NASL", "SL_20190313_OPENSSL_ON_SL7_X.NASL", "SL_20190806_COMPAT_LIBTIFF3_ON_SL7_X.NASL", "SL_20190806_LIBTIFF_ON_SL7_X.NASL", "SL_20190806_OPENSSL_ON_SL7_X.NASL", "SL_20190806_OVMF_ON_SL7_X.NASL", "SL_20190806_POLKIT_ON_SL7_X.NASL", "SL_20190806_SYSTEMD_ON_SL7_X.NASL", "SUSE_SU-2018-1180-1.NASL", "SUSE_SU-2018-1826-1.NASL", "SUSE_SU-2018-1835-1.NASL", "SUSE_SU-2018-1887-1.NASL", "SUSE_SU-2018-1887-2.NASL", "SUSE_SU-2018-1889-1.NASL", "SUSE_SU-2018-1968-1.NASL", "SUSE_SU-2018-2036-1.NASL", "SUSE_SU-2018-2041-1.NASL", "SUSE_SU-2018-2207-1.NASL", "SUSE_SU-2018-2486-1.NASL", "SUSE_SU-2018-2492-1.NASL", "SUSE_SU-2018-2647-1.NASL", "SUSE_SU-2018-2683-1.NASL", "SUSE_SU-2018-2796-1.NASL", "SUSE_SU-2018-2812-1.NASL", "SUSE_SU-2018-2928-1.NASL", "SUSE_SU-2018-2928-2.NASL", "SUSE_SU-2018-2956-1.NASL", "SUSE_SU-2018-2965-1.NASL", "SUSE_SU-2018-3282-1.NASL", "SUSE_SU-2018-3289-1.NASL", "SUSE_SU-2018-3327-1.NASL", "SUSE_SU-2018-3391-1.NASL", "SUSE_SU-2018-3590-1.NASL", "SUSE_SU-2018-3590-2.NASL", "SUSE_SU-2018-3863-1.NASL", "SUSE_SU-2018-3864-1.NASL", "SUSE_SU-2018-3866-1.NASL", "SUSE_SU-2018-3911-1.NASL", "SUSE_SU-2018-3911-2.NASL", "SUSE_SU-2018-3925-1.NASL", "SUSE_SU-2018-3945-1.NASL", "SUSE_SU-2018-3989-1.NASL", "SUSE_SU-2018-4001-1.NASL", "SUSE_SU-2018-4068-1.NASL", "SUSE_SU-2018-4070-1.NASL", "SUSE_SU-2018-4274-1.NASL", "SUSE_SU-2018-4295-1.NASL", "SUSE_SU-2018-4298-1.NASL", "SUSE_SU-2018-4300-1.NASL", "SUSE_SU-2019-0003-1.NASL", "SUSE_SU-2019-0015-1.NASL", "SUSE_SU-2019-0019-1.NASL", "SUSE_SU-2019-0020-1.NASL", "SUSE_SU-2019-0053-1.NASL", "SUSE_SU-2019-0054-1.NASL", "SUSE_SU-2019-0110-1.NASL", "SUSE_SU-2019-0117-1.NASL", "SUSE_SU-2019-0135-1.NASL", "SUSE_SU-2019-0137-1.NASL", "SUSE_SU-2019-0197-1.NASL", "SUSE_SU-2019-0395-1.NASL", "SUSE_SU-2019-0825-1.NASL", "SUSE_SU-2019-0827-1.NASL", "SUSE_SU-2019-0875-1.NASL", "SUSE_SU-2019-0921-1.NASL", "SUSE_SU-2019-13921-1.NASL", "SUSE_SU-2019-1553-1.NASL", "SUSE_SU-2020-0388-1.NASL", "SUSE_SU-2020-0693-1.NASL", "SUSE_SU-2022-0480-1.NASL", "SUSE_SU-2022-0496-1.NASL", "SYMANTEC_PROXY_SG_SA1462.NASL", "UBUNTU_USN-3602-1.NASL", "UBUNTU_USN-3606-1.NASL", "UBUNTU_USN-3628-1.NASL", "UBUNTU_USN-3692-1.NASL", "UBUNTU_USN-3840-1.NASL", "UBUNTU_USN-3855-1.NASL", "UBUNTU_USN-3861-1.NASL", "UBUNTU_USN-3863-1.NASL", "UBUNTU_USN-3864-1.NASL", "VIRTUALBOX_5_2_20.NASL", "VIRTUALBOX_JAN_2019_CPU.NASL", "WIRESHARK_2_4_10.NASL", "WIRESHARK_2_4_11.NASL", "WIRESHARK_2_6_4.NASL", "WIRESHARK_2_6_5.NASL", "XEN_SERVER_XSA-275.NASL", "XEN_SERVER_XSA-279.NASL", "XEN_SERVER_XSA-280.NASL", "XEN_SERVER_XSA-282.NASL"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:AUGUST-2018-SECURITY-RELEASES", "NODEJSBLOG:NOVEMBER-2018-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2018-0732", "OPENSSL:CVE-2018-0734", "OPENSSL:CVE-2018-0735", "OPENSSL:CVE-2018-0737", "OPENSSL:CVE-2018-5407"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107358", "OPENVAS:1361412562310107443", "OPENVAS:1361412562310107444", "OPENVAS:1361412562310107838", "OPENVAS:1361412562310108483", "OPENVAS:1361412562310108484", "OPENVAS:1361412562310112408", "OPENVAS:1361412562310112409", "OPENVAS:1361412562310112410", "OPENVAS:1361412562310112411", "OPENVAS:1361412562310112488", "OPENVAS:1361412562310112489", "OPENVAS:1361412562310704348", "OPENVAS:1361412562310704349", "OPENVAS:1361412562310704350", "OPENVAS:1361412562310704355", "OPENVAS:1361412562310704359", "OPENVAS:1361412562310704367", "OPENVAS:1361412562310704368", "OPENVAS:1361412562310704369", "OPENVAS:1361412562310704371", "OPENVAS:1361412562310812582", "OPENVAS:1361412562310813153", "OPENVAS:1361412562310813154", "OPENVAS:1361412562310814133", "OPENVAS:1361412562310814134", "OPENVAS:1361412562310814264", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310814506", "OPENVAS:1361412562310814507", "OPENVAS:1361412562310814514", "OPENVAS:1361412562310814515", "OPENVAS:1361412562310814658", "OPENVAS:1361412562310814659", "OPENVAS:1361412562310814660", "OPENVAS:1361412562310843483", "OPENVAS:1361412562310843569", "OPENVAS:1361412562310843673", "OPENVAS:1361412562310843848", "OPENVAS:1361412562310843868", "OPENVAS:1361412562310843874", "OPENVAS:1361412562310843877", "OPENVAS:1361412562310843878", "OPENVAS:1361412562310851801", "OPENVAS:1361412562310851810", "OPENVAS:1361412562310851885", "OPENVAS:1361412562310851888", "OPENVAS:1361412562310851907", "OPENVAS:1361412562310851920", "OPENVAS:1361412562310851949", "OPENVAS:1361412562310851955", "OPENVAS:1361412562310851991", "OPENVAS:1361412562310851997", "OPENVAS:1361412562310852023", "OPENVAS:1361412562310852049", "OPENVAS:1361412562310852061", "OPENVAS:1361412562310852073", "OPENVAS:1361412562310852086", "OPENVAS:1361412562310852142", "OPENVAS:1361412562310852145", "OPENVAS:1361412562310852150", "OPENVAS:1361412562310852153", "OPENVAS:1361412562310852155", "OPENVAS:1361412562310852177", "OPENVAS:1361412562310852178", "OPENVAS:1361412562310852214", "OPENVAS:1361412562310852219", "OPENVAS:1361412562310852221", "OPENVAS:1361412562310852225", "OPENVAS:1361412562310852238", "OPENVAS:1361412562310852251", "OPENVAS:1361412562310852253", "OPENVAS:1361412562310852254", "OPENVAS:1361412562310852259", "OPENVAS:1361412562310852260", "OPENVAS:1361412562310852272", "OPENVAS:1361412562310852279", "OPENVAS:1361412562310852311", "OPENVAS:1361412562310852418", "OPENVAS:1361412562310852436", "OPENVAS:1361412562310852554", "OPENVAS:1361412562310852640", "OPENVAS:1361412562310853075", "OPENVAS:1361412562310874303", "OPENVAS:1361412562310874385", "OPENVAS:1361412562310874654", "OPENVAS:1361412562310874656", "OPENVAS:1361412562310874681", "OPENVAS:1361412562310874685", "OPENVAS:1361412562310875095", "OPENVAS:1361412562310875133", "OPENVAS:1361412562310875210", "OPENVAS:1361412562310875292", "OPENVAS:1361412562310875294", "OPENVAS:1361412562310875300", "OPENVAS:1361412562310875351", "OPENVAS:1361412562310875367", "OPENVAS:1361412562310875422", "OPENVAS:1361412562310875436", "OPENVAS:1361412562310875464", "OPENVAS:1361412562310875502", "OPENVAS:1361412562310875528", "OPENVAS:1361412562310875596", "OPENVAS:1361412562310875646", "OPENVAS:1361412562310875672", "OPENVAS:1361412562310875785", "OPENVAS:1361412562310875889", "OPENVAS:1361412562310875894", "OPENVAS:1361412562310876042", "OPENVAS:1361412562310876102", "OPENVAS:1361412562310876116", "OPENVAS:1361412562310876137", "OPENVAS:1361412562310876441", "OPENVAS:1361412562310876553", "OPENVAS:1361412562310876728", "OPENVAS:1361412562310876816", "OPENVAS:1361412562310876840", "OPENVAS:1361412562310876846", "OPENVAS:1361412562310877008", "OPENVAS:1361412562310877283", "OPENVAS:1361412562310882992", "OPENVAS:1361412562310882996", "OPENVAS:1361412562310883021", "OPENVAS:1361412562310891346", "OPENVAS:1361412562310891347", "OPENVAS:1361412562310891377", "OPENVAS:1361412562310891378", "OPENVAS:1361412562310891391", "OPENVAS:1361412562310891411", "OPENVAS:1361412562310891449", "OPENVAS:1361412562310891557", "OPENVAS:1361412562310891586", "OPENVAS:1361412562310891637", "OPENVAS:1361412562310891639", "OPENVAS:1361412562310891644", "OPENVAS:1361412562310891711", "OPENVAS:1361412562310891949", "OPENVAS:1361412562310892009", "OPENVAS:1361412562311220181214", "OPENVAS:1361412562311220181306", "OPENVAS:1361412562311220181383", "OPENVAS:1361412562311220181392", "OPENVAS:1361412562311220181420", "OPENVAS:1361412562311220181434", "OPENVAS:1361412562311220191009", "OPENVAS:1361412562311220191045", "OPENVAS:1361412562311220191060", "OPENVAS:1361412562311220191084", "OPENVAS:1361412562311220191107", "OPENVAS:1361412562311220191128", "OPENVAS:1361412562311220191145", "OPENVAS:1361412562311220191164", "OPENVAS:1361412562311220191185", "OPENVAS:1361412562311220191201", "OPENVAS:1361412562311220191227", "OPENVAS:1361412562311220191233", "OPENVAS:1361412562311220191242", "OPENVAS:1361412562311220191267", "OPENVAS:1361412562311220191326", "OPENVAS:1361412562311220191345", "OPENVAS:1361412562311220191400", "OPENVAS:1361412562311220191412", "OPENVAS:1361412562311220191416", "OPENVAS:1361412562311220191546", "OPENVAS:1361412562311220191643", "OPENVAS:1361412562311220191654", "OPENVAS:1361412562311220191656", "OPENVAS:1361412562311220191732", "OPENVAS:1361412562311220191748", "OPENVAS:1361412562311220191752", "OPENVAS:1361412562311220191755", "OPENVAS:1361412562311220191785", "OPENVAS:1361412562311220191807", "OPENVAS:1361412562311220191828", "OPENVAS:1361412562311220191857", "OPENVAS:1361412562311220191937", "OPENVAS:1361412562311220191943", "OPENVAS:1361412562311220191981", "OPENVAS:1361412562311220191998", "OPENVAS:1361412562311220192008", "OPENVAS:1361412562311220192042", "OPENVAS:1361412562311220192056", "OPENVAS:1361412562311220192133", "OPENVAS:1361412562311220192209", "OPENVAS:1361412562311220192218", "OPENVAS:1361412562311220192223", "OPENVAS:1361412562311220192232", "OPENVAS:1361412562311220192244", "OPENVAS:1361412562311220192265", "OPENVAS:1361412562311220192314", "OPENVAS:1361412562311220192430", "OPENVAS:1361412562311220192466", "OPENVAS:1361412562311220192621", "OPENVAS:1361412562311220201193", "OPENVAS:1361412562311220201216", "OPENVAS:1361412562311220201235", "OPENVAS:1361412562311220201447", "OPENVAS:1361412562311220201451", "OPENVAS:1361412562311220201463", "OPENVAS:1361412562311220201629"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2019"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3221", "ELSA-2018-4248", "ELSA-2018-4249", "ELSA-2018-4253", "ELSA-2018-4254", "ELSA-2018-4267", "ELSA-2019-0049", "ELSA-2019-0483", "ELSA-2019-2046", "ELSA-2019-2051", "ELSA-2019-2053", "ELSA-2019-2091", "ELSA-2019-2125", "ELSA-2019-2304", "ELSA-2019-2471", "ELSA-2019-3700", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2019-4754", "ELSA-2021-9121", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-1346-1", "OSV:DLA-1347-1", "OSV:DLA-1377-1", "OSV:DLA-1378-1", "OSV:DLA-1391-1", "OSV:DLA-1411-1", "OSV:DLA-1449-1", "OSV:DLA-1557-1", "OSV:DLA-1577-1", "OSV:DLA-1586-1", "OSV:DLA-1637-1", "OSV:DLA-1639-1", "OSV:DLA-1644-1", "OSV:DLA-1711-1", "OSV:DLA-1949-1", "OSV:DLA-2009-1", "OSV:DSA-4348-1", "OSV:DSA-4349-1", "OSV:DSA-4350-1", "OSV:DSA-4355-1", "OSV:DSA-4359-1", "OSV:DSA-4367-1", "OSV:DSA-4367-2", "OSV:DSA-4368-1", "OSV:DSA-4369-1", "OSV:DSA-4371-1", "OSV:GHSA-59QG-GRP7-5R73", "OSV:GHSA-782P-53WQ-CXMJ"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:149974"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0015"]}, {"type": "photon", "idList": ["PHSA-2018-0017", "PHSA-2018-0039", "PHSA-2018-0048", "PHSA-2018-0060", "PHSA-2018-0078", "PHSA-2018-0084", "PHSA-2018-0113", "PHSA-2018-0149", "PHSA-2018-0175", "PHSA-2018-0199", "PHSA-2018-1.0-0149", "PHSA-2018-1.0-0175", "PHSA-2018-1.0-0199", "PHSA-2018-2.0-0017", "PHSA-2018-2.0-0039", "PHSA-2018-2.0-0048", "PHSA-2018-2.0-0060", "PHSA-2018-2.0-0078", "PHSA-2018-2.0-0085", "PHSA-2019-0026", "PHSA-2019-0118", "PHSA-2019-0128", "PHSA-2019-0152", "PHSA-2019-0153", "PHSA-2019-0205", "PHSA-2019-0227", "PHSA-2019-0234", "PHSA-2019-1.0-0205", "PHSA-2019-1.0-0227", "PHSA-2019-1.0-0234", "PHSA-2019-2.0-0118", "PHSA-2019-2.0-0153", "PHSA-2019-3.0-0026", "PHSA-2020-0210", "PHSA-2020-1.0-0298", "PHSA-2020-2.0-0210"]}, {"type": "redhat", "idList": ["RHSA-2018:2552", "RHSA-2018:2553", "RHSA-2018:3221", "RHSA-2018:3505", "RHSA-2019:0049", "RHSA-2019:0201", "RHSA-2019:0204", "RHSA-2019:0271", "RHSA-2019:0342", "RHSA-2019:0361", "RHSA-2019:0483", "RHSA-2019:0651", "RHSA-2019:0652", "RHSA-2019:1296", "RHSA-2019:1297", "RHSA-2019:1543", "RHSA-2019:2046", "RHSA-2019:2051", "RHSA-2019:2053", "RHSA-2019:2091", "RHSA-2019:2125", "RHSA-2019:2304", "RHSA-2019:2402", "RHSA-2019:3222", "RHSA-2019:3232", "RHSA-2019:3700", "RHSA-2019:3929", "RHSA-2019:3931", "RHSA-2019:3932", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2020:0593", "RHSA-2020:1264"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-11613", "RH:CVE-2017-17095", "RH:CVE-2018-0732", "RH:CVE-2018-0734", "RH:CVE-2018-0735", "RH:CVE-2018-0737", "RH:CVE-2018-10963", "RH:CVE-2018-12086", "RH:CVE-2018-15209", "RH:CVE-2018-16335", "RH:CVE-2018-16864", "RH:CVE-2018-16865", "RH:CVE-2018-16866", "RH:CVE-2018-18225", "RH:CVE-2018-18226", "RH:CVE-2018-18557", "RH:CVE-2018-19627", "RH:CVE-2018-19628", "RH:CVE-2018-19788", "RH:CVE-2018-19961", "RH:CVE-2018-19962", "RH:CVE-2018-19965", "RH:CVE-2018-19966", "RH:CVE-2018-19967", "RH:CVE-2018-5407", "RH:CVE-2018-5784", "RH:CVE-2018-7456", "RH:CVE-2018-8905", "RH:CVE-2019-3462", "RH:CVE-2019-3815", "RH:CVE-2019-6250"]}, {"type": "slackware", "idList": ["SSA-2018-226-01", "SSA-2018-316-01", "SSA-2018-325-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1834-1", "OPENSUSE-SU-2018:1906-1", "OPENSUSE-SU-2018:1956-1", "OPENSUSE-SU-2018:2117-1", "OPENSUSE-SU-2018:2129-1", "OPENSUSE-SU-2018:2667-1", "OPENSUSE-SU-2018:2695-1", "OPENSUSE-SU-2018:2816-1", "OPENSUSE-SU-2018:2855-1", "OPENSUSE-SU-2018:2957-1", "OPENSUSE-SU-2018:3013-1", "OPENSUSE-SU-2018:3015-1", "OPENSUSE-SU-2018:3368-1", "OPENSUSE-SU-2018:3370-1", "OPENSUSE-SU-2018:3371-1", "OPENSUSE-SU-2018:3890-1", "OPENSUSE-SU-2018:3903-1", "OPENSUSE-SU-2018:3947-1", "OPENSUSE-SU-2018:3948-1", "OPENSUSE-SU-2018:4050-1", "OPENSUSE-SU-2018:4104-1", "OPENSUSE-SU-2018:4111-1", "OPENSUSE-SU-2018:4282-1", "OPENSUSE-SU-2018:4304-1", "OPENSUSE-SU-2018:4307-1", "OPENSUSE-SU-2019:0010-1", "OPENSUSE-SU-2019:0064-1", "OPENSUSE-SU-2019:0084-1", "OPENSUSE-SU-2019:0087-1", "OPENSUSE-SU-2019:0088-1", "OPENSUSE-SU-2019:0097-1", "OPENSUSE-SU-2019:0098-1", "OPENSUSE-SU-2019:0138-1", "OPENSUSE-SU-2019:0152-1", "OPENSUSE-SU-2019:0234-1", "OPENSUSE-SU-2019:1199-1", "OPENSUSE-SU-2019:1226-1", "OPENSUSE-SU-2019:1547-1", "OPENSUSE-SU-2019:1814-1", "OPENSUSE-SU-2020:0362-1", "OPENSUSE-SU-2022:0480-1"]}, {"type": "symantec", "idList": ["SMNTC-104442", "SMNTC-105758", "SMNTC-1462", "SMNTC-1490"]}, {"type": "tenable", "idList": ["TENABLE:06E92CDD3238BF04334DF71161431249", "TENABLE:1B5802D1F3C4D2BAAD7D49F212C928A2", "TENABLE:4E674CF4B21E94DA45B8AAFFBB339230", "TENABLE:9F24FEB7FE0181ECA052DBF157184E58", "TENABLE:9FBA7B0389DAB57A3AE18DB805AD608C", "TENABLE:BCE3A24CD7E9D406351C554BBB9543AC"]}, {"type": "thn", "idList": ["THN:68B5B8B7434409E6670CCBAC8FDD8ABE", "THN:79259291EA0014EAC35FF4604B8D385B", "THN:ED6AA651CF0924A51404298103765C4C", "THN:F6853E831C781800D5D2BCC757A674A8"]}, {"type": "threatpost", "idList": ["THREATPOST:C8DA8A39B0B2F8129283330AD5901020"]}, {"type": "ubuntu", "idList": ["USN-3602-1", "USN-3606-1", "USN-3628-1", "USN-3628-2", "USN-3692-1", "USN-3692-2", "USN-3840-1", "USN-3855-1", "USN-3861-1", "USN-3861-2", "USN-3863-1", "USN-3863-2", "USN-3864-1", "USN-3906-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-11613", "UB:CVE-2017-17095", "UB:CVE-2018-0732", "UB:CVE-2018-0734", "UB:CVE-2018-0735", "UB:CVE-2018-0737", "UB:CVE-2018-10963", "UB:CVE-2018-12086", "UB:CVE-2018-15209", "UB:CVE-2018-16335", "UB:CVE-2018-16864", "UB:CVE-2018-16865", "UB:CVE-2018-16866", "UB:CVE-2018-18225", "UB:CVE-2018-18226", "UB:CVE-2018-18557", "UB:CVE-2018-19627", "UB:CVE-2018-19628", "UB:CVE-2018-19788", "UB:CVE-2018-19961", "UB:CVE-2018-19962", "UB:CVE-2018-19965", "UB:CVE-2018-19966", "UB:CVE-2018-19967", "UB:CVE-2018-5407", "UB:CVE-2018-5784", "UB:CVE-2018-7456", "UB:CVE-2018-8905", "UB:CVE-2019-3462", "UB:CVE-2019-3815", "UB:CVE-2019-6250", "UB:CVE-2020-11091"]}, {"type": "veracode", "idList": ["VERACODE:21108", "VERACODE:26979", "VERACODE:31152"]}, {"type": "xen", "idList": ["XSA-275", "XSA-279", "XSA-280", "XSA-282"]}, {"type": "zdt", "idList": ["1337DAY-ID-31421", "1337DAY-ID-31532", "1337DAY-ID-31916"]}]}, "score": {"value": 1.2, "vector": "NONE"}, "epss": [{"cve": "CVE-2017-11613", "epss": "0.007670000", "percentile": "0.784590000", "modified": "2023-03-20"}, {"cve": "CVE-2017-17095", "epss": "0.064750000", "percentile": "0.925750000", "modified": "2023-03-20"}, {"cve": "CVE-2018-0732", "epss": "0.108730000", "percentile": "0.941560000", "modified": "2023-03-20"}, {"cve": "CVE-2018-0734", "epss": "0.004120000", "percentile": "0.699100000", "modified": "2023-03-20"}, {"cve": "CVE-2018-0735", "epss": "0.006410000", "percentile": "0.760610000", "modified": "2023-03-20"}, {"cve": "CVE-2018-0737", "epss": "0.005640000", "percentile": "0.743400000", "modified": "2023-03-20"}, {"cve": "CVE-2018-10963", "epss": "0.012410000", "percentile": "0.833610000", "modified": "2023-03-20"}, {"cve": "CVE-2018-12086", "epss": "0.011140000", "percentile": "0.823430000", "modified": "2023-03-20"}, {"cve": "CVE-2018-15209", "epss": "0.007950000", "percentile": "0.789640000", "modified": "2023-03-20"}, {"cve": "CVE-2018-16335", "epss": "0.003670000", "percentile": "0.681770000", "modified": "2023-03-20"}, {"cve": "CVE-2018-16864", "epss": "0.000440000", "percentile": "0.081790000", "modified": "2023-03-20"}, {"cve": "CVE-2018-16865", "epss": "0.000440000", "percentile": "0.110480000", "modified": "2023-03-20"}, {"cve": "CVE-2018-16866", "epss": "0.000440000", "percentile": "0.081790000", "modified": "2023-03-20"}, {"cve": "CVE-2018-1710", "epss": "0.000500000", "percentile": "0.174270000", "modified": "2023-03-20"}, {"cve": "CVE-2018-18225", "epss": "0.002050000", "percentile": "0.567070000", "modified": "2023-03-20"}, {"cve": "CVE-2018-18226", "epss": "0.002050000", "percentile": "0.567070000", "modified": "2023-03-20"}, {"cve": "CVE-2018-18557", "epss": "0.883640000", "percentile": "0.980660000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19627", "epss": "0.011880000", "percentile": "0.829320000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19628", "epss": "0.002500000", "percentile": "0.610860000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19788", "epss": "0.008830000", "percentile": "0.800590000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19961", "epss": "0.000450000", "percentile": "0.120000000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19962", "epss": "0.000450000", "percentile": "0.120000000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19965", "epss": "0.000450000", "percentile": "0.121810000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19966", "epss": "0.000450000", "percentile": "0.120000000", "modified": "2023-03-20"}, {"cve": "CVE-2018-19967", "epss": "0.000450000", "percentile": "0.121810000", "modified": "2023-03-20"}, {"cve": "CVE-2018-5407", "epss": "0.000420000", "percentile": "0.004970000", "modified": "2023-03-20"}, {"cve": "CVE-2018-5784", "epss": "0.007050000", "percentile": "0.773280000", "modified": "2023-03-20"}, {"cve": "CVE-2018-7456", "epss": "0.003250000", "percentile": "0.661540000", "modified": "2023-03-20"}, {"cve": "CVE-2018-8905", "epss": "0.003830000", "percentile": "0.688140000", "modified": "2023-03-20"}, {"cve": "CVE-2019-3462", "epss": "0.015900000", "percentile": "0.853660000", "modified": "2023-03-20"}, {"cve": "CVE-2019-6250", "epss": "0.701760000", "percentile": "0.974300000", "modified": "2023-03-20"}], "vulnersScore": 1.2}, "_state": {"dependencies": 1677188873, "score": 1684017862, "affected_software_major_version": 1677394894, "epss": 1679361349}, "_internal": {"score_hash": "513093db22bdd65c5ff79de2e8d9e515"}, "affectedSoftware": [{"version": "any", "operator": "eq", "name": "vyatta 5600"}]}

{"osv": [{"lastseen": "2022-08-10T07:13:33", "description": "\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.0.8-2+deb9u4.\n\n\nWe recommend that you upgrade your tiff packages.\n\n\nFor the detailed security status of tiff please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/tiff](https://security-tracker.debian.org/tracker/tiff)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-30T00:00:00", "type": "osv", "title": "tiff - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2017-17095", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-7456"], "modified": "2022-08-10T07:13:29", "id": "OSV:DSA-4349-1", "href": "https://osv.dev/vulnerability/DSA-4349-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:14:13", "description": "\nMultiple vulnerabilities have been discovered in the Xen hypervisor:\n\n\n* [CVE-2018-19961](https://security-tracker.debian.org/tracker/CVE-2018-19961) /\n [CVE-2018-19962](https://security-tracker.debian.org/tracker/CVE-2018-19962)\nPaul Durrant discovered that incorrect TLB handling could result in\n denial of service, privilege escalation or information leaks.\n* [CVE-2018-19965](https://security-tracker.debian.org/tracker/CVE-2018-19965)\nMatthew Daley discovered that incorrect handling of the INVPCID\n instruction could result in denial of service by PV guests.\n* [CVE-2018-19966](https://security-tracker.debian.org/tracker/CVE-2018-19966)\nIt was discovered that a regression in the fix to address\n [CVE-2017-15595](https://security-tracker.debian.org/tracker/CVE-2017-15595)\n could result in denial of service, privilege\n escalation or information leaks by a PV guest.\n* [CVE-2018-19967](https://security-tracker.debian.org/tracker/CVE-2018-19967)\nIt was discovered that an error in some Intel CPUs could result in\n denial of service by a guest instance.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.5+shim4.10.2+xsa282-1+deb9u11.\n\n\nWe recommend that you upgrade your xen packages.\n\n\nFor the detailed security status of xen please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/xen](https://security-tracker.debian.org/tracker/xen)\n\n\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-14T00:00:00", "type": "osv", "title": "xen - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19961", "CVE-2018-19966", "CVE-2018-19967", "CVE-2017-15595"], "modified": "2022-08-10T07:14:09", "id": "OSV:DSA-4369-1", "href": "https://osv.dev/vulnerability/DSA-4369-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T07:14:10", "description": "\nSeveral local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0j-1~deb9u1. Going forward, openssl security updates for\nstretch will be based on the 1.1.0x upstream releases.\n\n\nWe recommend that you upgrade your openssl packages.\n\n\nFor the detailed security status of openssl please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/openssl](https://security-tracker.debian.org/tracker/openssl)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-30T00:00:00", "type": "osv", "title": "openssl - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0735", "CVE-2018-0737"], "modified": "2022-08-10T07:14:07", "id": "OSV:DSA-4348-1", "href": "https://osv.dev/vulnerability/DSA-4348-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:23:36", "description": "\nSeveral local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for\nstretch will be based on the 1.0.2x upstream releases.\n\n\nWe recommend that you upgrade your openssl1.0 packages.\n\n\nFor the detailed security status of openssl1.0 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/openssl1.0>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-19T00:00:00", "type": "osv", "title": "openssl1.0 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0737"], "modified": "2022-07-21T05:50:03", "id": "OSV:DSA-4355-1", "href": "https://osv.dev/vulnerability/DSA-4355-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:14:14", "description": "\nThe Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function ([CVE-2018-16864](https://security-tracker.debian.org/tracker/CVE-2018-16864), \n[CVE-2018-16865](https://security-tracker.debian.org/tracker/CVE-2018-16865))\nand an out-of-bounds read flaw leading to an information leak\n([CVE-2018-16866](https://security-tracker.debian.org/tracker/CVE-2018-16866)), \ncould allow an attacker to cause a denial of service or the execution of\narbitrary code.\n\n\nFurther details in the Qualys Security Advisory at\n<https://www.qualys.com/2019/01/09/system-down/system-down.txt>\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 232-25+deb9u7.\n\n\nWe recommend that you upgrade your systemd packages.\n\n\nFor the detailed security status of systemd please refer to its security\ntracker page at:\n<https://security-tracker.debian.org/tracker/systemd>\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-01-13T00:00:00", "type": "osv", "title": "systemd - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866"], "modified": "2022-08-10T07:14:09", "id": "OSV:DSA-4367-1", "href": "https://osv.dev/vulnerability/DSA-4367-1", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:14", "description": "\nSeveral issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial-of-service or\nother unspecified impact via a crafted image file.\n\n\n* [CVE-2017-11613](https://security-tracker.debian.org/tracker/CVE-2017-11613)\nDoS vulnerability:\n A crafted input will lead to a denial of service attack. During the\n TIFFOpen process, td\\_imagelength is not checked. The value of\n td\\_imagelength can be directly controlled by an input file. In the\n ChopUpSingleUncompressedStrip function, the \\_TIFFCheckMalloc\n function is called based on td\\_imagelength. If the value of\n td\\_imagelength is set close to the amount of system memory, it will\n hang the system or trigger the OOM killer.\n* [CVE-2018-10963](https://security-tracker.debian.org/tracker/CVE-2018-10963)\nDoS vulnerability:\n The TIFFWriteDirectorySec() function in tif\\_dirwrite.c in LibTIFF\n allows remote attackers to cause a denial of service (assertion\n failure and application crash) via a crafted file, a different\n vulnerability than [CVE-2017-13726](https://security-tracker.debian.org/tracker/CVE-2017-13726).\n* [CVE-2018-5784](https://security-tracker.debian.org/tracker/CVE-2018-5784)\nDoS vulnerability: \n In LibTIFF, there is an uncontrolled resource consumption in the\n TIFFSetDirectory function of tif\\_dir.c. Remote attackers could\n leverage this vulnerability to cause a denial of service via a\n crafted tif file.\n This occurs because the declared number of directory entries is not\n validated against the actual number of directory entries.\n* [CVE-2018-7456](https://security-tracker.debian.org/tracker/CVE-2018-7456)\nNULL Pointer Dereference:\n A NULL Pointer Dereference occurs in the function TIFFPrintDirectory\n in tif\\_print.c in LibTIFF when using the tiffinfo tool to print\n crafted TIFF information, a different vulnerability than\n [CVE-2017-18013](https://security-tracker.debian.org/tracker/CVE-2017-18013). (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by the\n [CVE-2017-18013](https://security-tracker.debian.org/tracker/CVE-2017-18013) patch.)\n* [CVE-2018-8905](https://security-tracker.debian.org/tracker/CVE-2018-8905)\nHeap-based buffer overflow:\n In LibTIFF, a heap-based buffer overflow occurs in the function\n LZWDecodeCompat in tif\\_lzw.c via a crafted TIFF file, as\n demonstrated by tiff2ps.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n4.0.3-12.3+deb8u6.\n\n\nWe recommend that you upgrade your tiff packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-02T00:00:00", "type": "osv", "title": "tiff - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2017-18013", "CVE-2017-13726", "CVE-2018-7456"], "modified": "2022-08-05T05:18:11", "id": "OSV:DLA-1411-1", "href": "https://osv.dev/vulnerability/DLA-1411-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:14:14", "description": "\nThe Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function ([CVE-2018-16864](https://security-tracker.debian.org/tracker/CVE-2018-16864), \n[CVE-2018-16865](https://security-tracker.debian.org/tracker/CVE-2018-16865))\nand an out-of-bounds read flaw leading to an information leak\n([CVE-2018-16866](https://security-tracker.debian.org/tracker/CVE-2018-16866)), \ncould allow an attacker to cause a denial of service or the execution of\narbitrary code.\n\n\nFurther details in the Qualys Security Advisory at\n<https://www.qualys.com/2019/01/09/system-down/system-down.txt>\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 232-25+deb9u7.\n\n\nWe recommend that you upgrade your systemd packages.\n\n\nFor the detailed security status of systemd please refer to its security\ntracker page at:\n<https://security-tracker.debian.org/tracker/systemd>\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-01-13T00:00:00", "type": "osv", "title": "systemd - regression update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866"], "modified": "2022-08-10T07:14:09", "id": "OSV:DSA-4367-2", "href": "https://osv.dev/vulnerability/DSA-4367-2", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:19:27", "description": "\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service:\n\n\n* [CVE-2017-11613](https://security-tracker.debian.org/tracker/CVE-2017-11613)\nDdenial of service vulnerability in the TIFFOpen function. A crafted\n input will lead to a denial of service attack and can either make the\n system hand or trigger the OOM killer.\n* [CVE-2018-5784](https://security-tracker.debian.org/tracker/CVE-2018-5784)\nThere is an uncontrolled resource consumption in TIFFSetDirectory function\n of src/libtiff/tif\\_dir.c, which can cause denial of service through a\n crafted tif file.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n4.0.2-6+deb7u21.\n\n\nWe recommend that you upgrade your tiff packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-05-31T00:00:00", "type": "osv", "title": "tiff - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5784", "CVE-2017-11613"], "modified": "2022-07-21T05:52:09", "id": "OSV:DLA-1391-1", "href": "https://osv.dev/vulnerability/DLA-1391-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T05:18:23", "description": "\nMultiple vulnerabilities were found in the journald component of\nsystemd which can lead to a crash or code execution.\n\n\n* [CVE-2018-16864](https://security-tracker.debian.org/tracker/CVE-2018-16864)\nAn allocation of memory without limits, that could result in the\n stack clashing with another memory region, was discovered in\n systemd-journald when many entries are sent to the journal\n socket. A local attacker, or a remote one if\n systemd-journal-remote is used, may use this flaw to crash\n systemd-journald or execute code with journald privileges.\n* [CVE-2018-16865](https://security-tracker.debian.org/tracker/CVE-2018-16865)\nAn allocation of memory without limits, that could result in the\n stack clashing with another memory region, was discovered in\n systemd-journald when a program with long command line arguments\n calls syslog. A local attacker may use this flaw to crash\n systemd-journald or escalate his privileges. Versions through v240\n are vulnerable.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n215-17+deb8u9.\n\n\nWe recommend that you upgrade your systemd packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-01-23T00:00:00", "type": "osv", "title": "systemd - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864"], "modified": "2022-08-05T05:18:21", "id": "OSV:DLA-1639-1", "href": "https://osv.dev/vulnerability/DLA-1639-1", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:06:59", "description": "\nMultiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/wireshark](https://security-tracker.debian.org/tracker/wireshark)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-27T00:00:00", "type": "osv", "title": "wireshark - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19627", "CVE-2018-12086", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2022-08-10T07:06:57", "id": "OSV:DSA-4359-1", "href": "https://osv.dev/vulnerability/DSA-4359-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-28T06:20:54", "description": "\n* [CVE-2018-0735](https://security-tracker.debian.org/tracker/CVE-2018-0735)\nSamuel Weiser reported a timing vulnerability in the OpenSSL ECDSA\n signature generation, which might leak information to recover the\n private key.\n* [CVE-2018-5407](https://security-tracker.debian.org/tracker/CVE-2018-5407)\nAlejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar\n Pereida Garcia and Nicola Tuveri reported a vulnerability to a\n timing side channel attack, which might be used to recover the\n private key.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.0.1t-1+deb8u10.\n\n\nWe recommend that you upgrade your openssl packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-21T00:00:00", "type": "osv", "title": "openssl - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0735", "CVE-2018-5407"], "modified": "2023-06-28T06:20:49", "id": "OSV:DLA-1586-1", "href": "https://osv.dev/vulnerability/DLA-1586-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-07-04T18:56:28", "description": "Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.", "cvss3": {}, "published": "2018-11-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4349-1 (tiff - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2017-17095", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-7456"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704349", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4349-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704349\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-17095\", \"CVE-2018-10963\", \"CVE-2018-15209\", \"CVE-2018-16335\",\n \"CVE-2018-17101\", \"CVE-2018-18557\", \"CVE-2018-5784\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_name(\"Debian Security Advisory DSA 4349-1 (tiff - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-30 00:00:00 +0100 (Fri, 30 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4349.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 4.0.8-2+deb9u4.\n\nWe recommend that you upgrade your tiff packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/tiff\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5-dev\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiffxx5\", ver:\"4.0.8-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:46:13", "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-19961 / CVE-2018-19962\n\nPaul Durrant discovered that incorrect TLB handling could result in\ndenial of service, privilege escalation or information leaks.\n\nCVE-2018-19965\n\nMatthew Daley discovered that incorrect handling of the INVPCID\ninstruction could result in denial of service by PV guests.\n\nCVE-2018-19966\n\nIt was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege\nescalation or information leaks by a PV guest.\n\nCVE-2018-19967\n\nIt was discovered that an error in some Intel CPUs could result in\ndenial of service by a guest instance.", "cvss3": {}, "published": "2019-01-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4369-1 (xen - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19961", "CVE-2018-19966", "CVE-2018-19967", "CVE-2017-15595"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704369", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4369-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704369\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2017-15595\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\",\n \"CVE-2018-19967\");\n script_name(\"Debian Security Advisory DSA 4369-1 (xen - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-14 00:00:00 +0100 (Mon, 14 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4369.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 4.8.5+shim4.10.2+xsa282-1+deb9u11.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/xen\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-19961 / CVE-2018-19962\n\nPaul Durrant discovered that incorrect TLB handling could result in\ndenial of service, privilege escalation or information leaks.\n\nCVE-2018-19965\n\nMatthew Daley discovered that incorrect handling of the INVPCID\ninstruction could result in denial of service by PV guests.\n\nCVE-2018-19966\n\nIt was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege\nescalation or information leaks by a PV guest.\n\nCVE-2018-19967\n\nIt was discovered that an error in some Intel CPUs could result in\ndenial of service by a guest instance.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.8\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-amd64\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-arm64\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-armhf\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-arm64\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-armhf\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.8\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T18:56:07", "description": "Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.", "cvss3": {}, "published": "2018-11-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4348-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0735", "CVE-2018-0737"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704348", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4348-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704348\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_name(\"Debian Security Advisory DSA 4348-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-30 00:00:00 +0100 (Fri, 30 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4348.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0j-1~deb9u1. Going forward, openssl security updates for\nstretch will be based on the 1.1.0x upstream releases.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/openssl\");\n script_tag(name:\"summary\", value:\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T19:30:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-09T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for xen (DLA-1949-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-19961", "CVE-2018-19966"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891949", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891949\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19966\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-09 02:00:09 +0000 (Wed, 09 Oct 2019)\");\n script_name(\"Debian LTS: Security Advisory for xen (DLA-1949-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1949-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the DLA-1949-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, information leaks or privilege\nescalation.\");\n\n script_tag(name:\"affected\", value:\"'xen' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.4.4lts5-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.4\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.4-amd64\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.4-armhf\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-armhf\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.4\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.4.4lts5-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T18:56:36", "description": "Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.", "cvss3": {}, "published": "2018-12-19T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4355-1 (openssl1.0 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0737"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704355", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704355", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4355-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704355\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_name(\"Debian Security Advisory DSA 4355-1 (openssl1.0 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-19 00:00:00 +0100 (Wed, 19 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4355.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openssl1.0 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for\nstretch will be based on the 1.0.2x upstream releases.\n\nWe recommend that you upgrade your openssl1.0 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/openssl1.0\");\n script_tag(name:\"summary\", value:\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libcrypto1.0.2-udeb\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0-dev\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.2\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.2-udeb\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:04", "description": "This host is running Nessus and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-09T00:00:00", "type": "openvas", "title": "Tenable Nessus < 7.1.4 Multiple Vulnerabilities(tns-2018-17)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0737"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310107444", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107444", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:tenable:nessus\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107444\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-09 12:29:11 +0100 (Wed, 09 Jan 2019)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Tenable Nessus < 7.1.4 Multiple Vulnerabilities(tns-2018-17)\");\n\n script_tag(name:\"summary\", value:\"This host is running Nessus and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tenable Nessus is affected by multiple vulnerabilities:\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of service vulnerability due to key handling during a TLS handshake. (CVE-2018-0732)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack.\nAn attacker could leverage this vulnerability to recover the private key. (CVE-2018-0734)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's RSA Key generation algorithm that allows a cache timing side channel attack to recover the private key. (CVE-2018-0737)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's Simultaneous Multithreading (SMT) architectures which render it vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)\");\n\n script_tag(name:\"impact\", value:\"An attacker could leverage this vulnerability to recover the private key and could possibly use this issue to perform a timing side-channel attack and recover private keys.\");\n\n script_tag(name:\"affected\", value:\"Nessus versions prior to version 7.1.4.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to nessus version 7.1.4 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com/security/tns-2018-17\");\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_nessus_web_server_detect.nasl\");\n script_mandatory_keys(\"nessus/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!nesPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:nesPort, exit_no_version:TRUE)) exit(0);\n\nnesVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:nesVer, test_version:\"7.1.4\"))\n{\n report = report_fixed_ver(installed_version:nesVer, fixed_version:\"7.1.4\", install_path:path);\n security_message(data:report, port:nesPort);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:16", "description": "Several issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial-of-service or\nother unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability\nA crafted input will lead to a denial of service attack. During the\nTIFFOpen process, td_imagelength is not checked. The value of\ntd_imagelength can be directly controlled by an input file. In the\nChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc\nfunction is called based on td_imagelength. If the value of\ntd_imagelength is set close to the amount of system memory, it will\nhang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability\nThe TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF\nallows remote attackers to cause a denial of service (assertion\nfailure and application crash) via a crafted file, a different\nvulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability\nIn LibTIFF, there is an uncontrolled resource consumption in the\nTIFFSetDirectory function of tif_dir.c. Remote attackers could\nleverage this vulnerability to cause a denial of service via a\ncrafted tif file.\nThis occurs because the declared number of directory entries is not\nvalidated against the actual number of directory entries.\n\nCVE-2018-7456: NULL Pointer Dereference\nA NULL Pointer Dereference occurs in the function TIFFPrintDirectory\nin tif_print.c in LibTIFF when using the tiffinfo tool to print\ncrafted TIFF information, a different vulnerability than\nCVE-2017-18013. (This affects an earlier part of the\nTIFFPrintDirectory function that was not addressed by the\nCVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow\nIn LibTIFF, a heap-based buffer overflow occurs in the function\nLZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as\ndemonstrated by tiff2ps.", "cvss3": {}, "published": "2018-07-10T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tiff (DLA-1411-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2017-18013", "CVE-2017-13726", "CVE-2018-7456"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891411", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891411\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-13726\", \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-5784\",\n \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_name(\"Debian LTS: Security Advisory for tiff (DLA-1411-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-10 00:00:00 +0200 (Tue, 10 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.0.3-12.3+deb8u6.\n\nWe recommend that you upgrade your tiff packages.\");\n\n script_tag(name:\"summary\", value:\"Several issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial-of-service or\nother unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability\nA crafted input will lead to a denial of service attack. During the\nTIFFOpen process, td_imagelength is not checked. The value of\ntd_imagelength can be directly controlled by an input file. In the\nChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc\nfunction is called based on td_imagelength. If the value of\ntd_imagelength is set close to the amount of system memory, it will\nhang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability\nThe TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF\nallows remote attackers to cause a denial of service (assertion\nfailure and application crash) via a crafted file, a different\nvulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability\nIn LibTIFF, there is an uncontrolled resource consumption in the\nTIFFSetDirectory function of tif_dir.c. Remote attackers could\nleverage this vulnerability to cause a denial of service via a\ncrafted tif file.\nThis occurs because the declared number of directory entries is not\nvalidated against the actual number of directory entries.\n\nCVE-2018-7456: NULL Pointer Dereference\nA NULL Pointer Dereference occurs in the function TIFFPrintDirectory\nin tif_print.c in LibTIFF when using the tiffinfo tool to print\ncrafted TIFF information, a different vulnerability than\nCVE-2017-18013. (This affects an earlier part of the\nTIFFPrintDirectory function that was not addressed by the\nCVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow\nIn LibTIFF, a heap-based buffer overflow occurs in the function\nLZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as\ndemonstrated by tiff2ps.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5-dev\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiffxx5\", ver:\"4.0.3-12.3+deb8u6\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:33:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tiff (openSUSE-SU-2018:1956-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2017-11613", "CVE-2017-18013", "CVE-2018-7456"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851955", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851955\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:22:31 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for tiff (openSUSE-SU-2018:1956-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1956-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00017.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the openSUSE-SU-2018:1956-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tiff fixes the following security issues:\n\n These security issues were fixed:\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the\n tif_print.cTIFFPrintDirectory function that could have lead to denial of\n service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the\n TIFFWriteDirectorySec() function in tif_dirwrite.c, which allowed remote\n attackers to cause a denial\n of service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL Pointer dereference in the function\n TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF\n information, a different vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the TIFFOpen function.\n During the TIFFOpen process, td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input file. In the\n ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is\n called based on td_imagelength. If the value of td_imagelength is set\n close to the amount of system memory, it will hang the system or trigger\n the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the function\n LZWDecodeCompat via a crafted TIFF file (bsc#1086408).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-728=1\");\n\n script_tag(name:\"affected\", value:\"tiff on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit-debuginfo\", rpm:\"libtiff5-32bit-debuginfo~4.0.9~lp150.4.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-16T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-9e0a37e7a2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9e0a37e7a2_libtiff_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-9e0a37e7a2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874681\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-16 06:01:25 +0200 (Sat, 16 Jun 2018)\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\",\n \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-5784\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-9e0a37e7a2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\npresent on the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9e0a37e7a2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DKS6P2KMGC2Q76BTVDB3ABYFNSVKP4E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~10.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-14T17:02:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0097-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852259", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852259", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852259\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-30 04:03:12 +0100 (Wed, 30 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0097-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0097-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00040.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the openSUSE-SU-2019:0097-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for systemd provides the following fixes:\n\n Security issues fixed:\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\n attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - Fixed an issue during system startup in relation to encrypted swap disks\n (bsc#1119971)\n\n Non-security issues fixed:\n\n - core: Queue loading transient units after setting their properties.\n (bsc#1115518)\n\n - logind: Stop managing VT switches if no sessions are registered on that\n VT. (bsc#1101591)\n\n - terminal-util: introduce vt_release() and vt_restore() helpers.\n\n - terminal: Unify code for resetting kbd utf8 mode a bit.\n\n - terminal Reset should honour default_utf8 kernel setting.\n\n - logind: Make session_restore_vt() static.\n\n - udev: Downgrade message when setting inotify watch up fails.\n (bsc#1005023)\n\n - log: Never log into foreign fd #2 in PID 1 or its pre-execve() children.\n (bsc#1114981)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add.\n In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\n uses systemd-detect-virt to detect non-zvm environment. The\n systemd-detect-virt returns exit failure code when it detected _none_\n state. The exit failure code causes that the hot-add memory block can\n not be set to online. (bsc#1076696)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-97=1\");\n\n script_tag(name:\"affected\", value:\"systemd on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0\", rpm:\"libsystemd0~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo\", rpm:\"libsystemd0-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini\", rpm:\"libsystemd0-mini~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini-debuginfo\", rpm:\"libsystemd0-mini-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini-devel\", rpm:\"libudev-mini-devel~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1\", rpm:\"libudev-mini1~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1-debuginfo\", rpm:\"libudev-mini1-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1\", rpm:\"libudev1~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo\", rpm:\"libudev1-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname\", rpm:\"nss-myhostname~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo\", rpm:\"nss-myhostname-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines\", rpm:\"nss-mymachines~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-debuginfo\", rpm:\"nss-mymachines-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo\", rpm:\"systemd-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debugsource\", rpm:\"systemd-debugsource~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-logger\", rpm:\"systemd-logger~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini\", rpm:\"systemd-mini~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debuginfo\", rpm:\"systemd-mini-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debugsource\", rpm:\"systemd-mini-debugsource~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-devel\", rpm:\"systemd-mini-devel~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-sysvinit\", rpm:\"systemd-mini-sysvinit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysvinit\", rpm:\"systemd-sysvinit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev\", rpm:\"udev~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-debuginfo\", rpm:\"udev-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini\", rpm:\"udev-mini~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini-debuginfo\", rpm:\"udev-mini-debuginfo~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-bash-completion\", rpm:\"systemd-bash-completion~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-bash-completion\", rpm:\"systemd-mini-bash-completion~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit\", rpm:\"libsystemd0-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo-32bit\", rpm:\"libsystemd0-debuginfo-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit\", rpm:\"libudev1-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo-32bit\", rpm:\"libudev1-debuginfo-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit\", rpm:\"nss-myhostname-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo-32bit\", rpm:\"nss-myhostname-debuginfo-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit\", rpm:\"systemd-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo-32bit\", rpm:\"systemd-debuginfo-32bit~228~65.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for xen FEDORA-2019-3e89502cb1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-19963", "CVE-2018-19965", "CVE-2018-18883", "CVE-2018-19961", "CVE-2018-19966", "CVE-2018-19967", "CVE-2018-19964"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876137", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876137\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19963\", \"CVE-2018-19964\", \"CVE-2018-19966\", \"CVE-2018-19967\", \"CVE-2018-18883\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:36:04 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for xen FEDORA-2019-3e89502cb1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3e89502cb1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LN27JE7V6VL542IPGWJCUQQEF5M64PUI\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the FEDORA-2019-3e89502cb1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the XenD daemon and xm command line\ntools, needed to manage virtual machines running under the\nXen hypervisor\");\n\n script_tag(name:\"affected\", value:\"'xen' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.11.1~4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:22", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-01-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for systemd USN-3855-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843868", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843868", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3855_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for systemd USN-3855-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843868\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-12 04:00:33 +0100 (Sat, 12 Jan 2019)\");\n script_name(\"Ubuntu Update for systemd USN-3855-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(18\\.10|18\\.04 LTS|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3855-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3855-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'systemd' package(s) announced via the USN-3855-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version\n is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that systemd-journald\nallocated variable-length buffers for certain message fields on the stack. A\nlocal attacker could potentially exploit this to cause a denial of service,\nor execute arbitrary code. (CVE-2018-16864)\n\nIt was discovered that systemd-journald allocated variable-length arrays\nof objects representing message fields on the stack. A local attacker\ncould potentially exploit this to cause a denial of service, or execute\narbitrary code. (CVE-2018-16865)\n\nAn out-of-bounds read was discovered in systemd-journald. A local\nattacker could potentially exploit this to obtain sensitive information\nand bypass ASLR protections. (CVE-2018-16866)\");\n\n script_tag(name:\"affected\", value:\"systemd on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"237-3ubuntu10.11\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"239-7ubuntu10.6\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"229-4ubuntu21.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-30T13:52:19", "description": "The Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function (CVE-2018-16864,\nCVE-2018-16865)\nand an out-of-bounds read flaw leading to an information leak\n(CVE-2018-16866),\ncould allow an attacker to cause a denial of service or the execution of\narbitrary code.\n\nFurther details in the Qualys Security Advisory at the linked references.", "cvss3": {}, "published": "2019-01-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4367-1 (systemd - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866"], "modified": "2019-07-29T00:00:00", "id": "OPENVAS:1361412562310704367", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704367", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4367-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704367\");\n script_version(\"2019-07-29T14:16:31+0000\");\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_name(\"Debian Security Advisory DSA 4367-1 (systemd - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-29 14:16:31 +0000 (Mon, 29 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-13 00:00:00 +0100 (Sun, 13 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4367.html\");\n script_xref(name:\"URL\", value:\"https://www.qualys.com/2019/01/09/system-down/system-down.txt\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"systemd on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 232-25+deb9u7.\n\nWe recommend that you upgrade your systemd packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/systemd\");\n script_tag(name:\"summary\", value:\"The Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function (CVE-2018-16864,\nCVE-2018-16865)\nand an out-of-bounds read flaw leading to an information leak\n(CVE-2018-16866),\ncould allow an attacker to cause a denial of service or the execution of\narbitrary code.\n\nFurther details in the Qualys Security Advisory at the linked references.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-myhostname\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-mymachines\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-resolve\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-systemd\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-systemd\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-dev\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev-dev\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev1\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-container\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-coredump\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-journal-remote\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-sysv\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"udev\", ver:\"232-25+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:54:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2019:1226-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19665", "CVE-2019-6778", "CVE-2018-19961", "CVE-2019-9824", "CVE-2018-19966", "CVE-2018-19967"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852436", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852436\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-19665\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\",\n \"CVE-2018-19966\", \"CVE-2018-19967\", \"CVE-2019-6778\", \"CVE-2019-9824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-18 02:01:09 +0000 (Thu, 18 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2019:1226-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1226-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the openSUSE-SU-2019:1226-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for xen fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the\n host, resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988)\n\n - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp\n (bsc#1123157).\n\n - Fixed an issue which could allow malicious or buggy guests with passed\n through PCI devices to be able to escalate their privileges, crash the\n host, or access data belonging to other guests. Additionally memory\n leaks were also possible (bsc#1126140).\n\n - Fixed a race condition issue which could allow malicious PV guests to\n escalate their privilege to that\n of the hypervisor (bsc#1126141).\n\n - Fixed an issue which could allow a malicious unprivileged guest\n userspace process to escalate its privilege to that of other userspace\n processes in the same guest and potentially thereby to that\n of the guest operating system (bsc#1126201).\n\n - CVE-2019-9824: Fixed an information leak in SLiRP networking\n implementation which could allow a user/process to read uninitialised\n stack memory contents (bsc#1129623).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing /\n improper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\n - CVE-2018-19965: Fixed denial of service issue from attempting to use\n INVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused\n conflicts with shadow paging (XSA-280)(bsc#1115047).\n\n - Fixed an issue which could allow malicious PV guests may cause a host\n crash or gain access to data pertaining to other guests.Additionally,\n vulnerable configurations are likely to be unstable even in the absence\n of an attack (bsc#1126198).\n\n - Fixed multiple access violations introduced by XENMEM_exchange hypercall\n which could allow a single PV guest to leak arbitrary amounts of memory,\n leading to a denial of service (bsc#1126192).\n\n - Fixed an issue which could allow malicious 64bit PV guests to cause a\n host crash (bsc#1127400).\n\n - Fixed an issue which could allow malicious or buggy x86 PV guest kernels\n to mount a Denial of Service attack affecting the whole system\n (bsc#1126197).\n\n - Fixed an issue which could allow an untrusted PV domain with access to a\n physical device to DMA into its own pagetables leading to privilege\n escalation (bsc#1126195).\n\n - Fixed an issue which could allow a malicious or buggy x86 PV guest\n kernels can mount a Denial of Service attack affecting the whole system\n (bsc#1126196).\n\n Other issues addressed:\n\n - ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'xen' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.9.4_02~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:38:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-13T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2018:4111-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-19965", "CVE-2018-18883", "CVE-2018-19961", "CVE-2018-18849", "CVE-2018-19966"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852177", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852177\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-18849\", \"CVE-2018-18883\", \"CVE-2018-19961\",\n \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-13 07:30:34 +0100 (Thu, 13 Dec 2018)\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2018:4111-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4111-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the openSUSE-SU-2018:4111-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for xen fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-18849: Fixed an out of bounds memory access issue was found in\n the LSI53C895A SCSI Host Bus Adapter emulation while writing a message\n in lsi_do_msgin (bsc#1114423).\n\n - CVE-2018-18883: Fixed a NULL pointer dereference that could have been\n triggered by nested VT-x that where not properly restricted\n (XSA-278)(bsc#1114405).\n\n - CVE-2018-19965: Fixed denial of service issue from attempting to use\n INVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused\n conflicts with shadow paging (XSA-280)(bsc#1115047).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing /\n improper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\n Non-security issues fixed:\n\n - Added upstream bug fixes (bsc#1027519).\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1530=1\");\n\n script_tag(name:\"affected\", value:\"xen on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.9.3_03~34.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-3840-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0735"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843848", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3840_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for openssl USN-3840-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843848\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-07 07:39:41 +0100 (Fri, 07 Dec 2018)\");\n script_name(\"Ubuntu Update for openssl USN-3840-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3840-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3840-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the USN-3840-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An\nattacker could possibly use this issue to perform a timing side-channel\nattack and recover private DSA keys. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An\nattacker could possibly use this issue to perform a timing side-channel\nattack and recover private ECDSA keys. This issue only affected Ubuntu\n18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri,\nand Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading\n(SMT) architectures are vulnerable to side-channel leakage. This issue is\nknown as 'PortSmash'. An attacker could possibly use this issue to perform\na timing side-channel attack and recover private keys. (CVE-2018-5407)\");\n\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1f-1ubuntu2.27\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2n-1ubuntu5.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.0g-2ubuntu4.3\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2n-1ubuntu6.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.1-1ubuntu2.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2g-1ubuntu4.14\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-07T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-44c6f91560", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874656", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874656", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_44c6f91560_libtiff_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-44c6f91560\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874656\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-07 05:58:11 +0200 (Thu, 07 Jun 2018)\");\n script_cve_id(\"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\", \"CVE-2018-10963\",\n \"CVE-2018-7456\", \"CVE-2018-5784\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-44c6f91560\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-44c6f91560\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3MTRC34TJBJGOIZGX7FW5GTMKLHNQD3V\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~9.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-16T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-35d435f362", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2017-11613", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874685", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_35d435f362_libtiff_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-35d435f362\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874685\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-16 06:02:02 +0200 (Sat, 16 Jun 2018)\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\",\n \"CVE-2018-10963\", \"CVE-2018-7456\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-35d435f362\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-35d435f362\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZBELT74XEGJ573EWJE6SWITWEQGFK4B\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~10.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-11T16:41:25", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18225", "CVE-2018-18226"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310814134", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814134", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814134\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2018-18225\", \"CVE-2018-18226\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:30:47 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to insufficient validation\n of user-supplied input processed by Steam In-Home Streaming (IHS) Discovery\n and Constrained Application Protocol (CoAP) dissector components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59009\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59008\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.4\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T17:03:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0098-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2018-16866", "CVE-2018-6954"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310852260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852260", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852260\");\n script_version(\"2020-03-13T09:37:47+0000\");\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2018-6954\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 09:37:47 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-30 04:03:21 +0100 (Wed, 30 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0098-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0098-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00043.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the openSUSE-SU-2019:0098-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for systemd provides the following fixes:\n\n Security issues fixed:\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\n attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path\n components (bsc#1080919)\n\n - Fixed an issue during system startup in relation to encrypted swap disks\n (bsc#1119971)\n\n Non-security issues fixed:\n\n - pam_systemd: Fix 'Cannot create session: Already running in a session'\n (bsc#1111498)\n\n - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied\n to tty (bsc#1114933)\n\n - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple\n units (bsc#1045723)\n\n - Fixed installation issue with /etc/machine-id during update (bsc#1117063)\n\n - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)\n\n - logind: Stop managing VT switches if no sessions are registered on that\n VT. (bsc#1101591)\n\n - udev: Downgrade message when setting inotify watch up fails.\n (bsc#1005023)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add.\n In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\n uses systemd-detect-virt to detect non-zvm environment. The\n systemd-detect-virt returns exit failure code when it detected _none_\n state. The exit failure code causes that the hot-add memory block can\n not be set to online. (bsc#1076696)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-98=1\");\n\n script_tag(name:\"affected\", value:\"systemd on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0\", rpm:\"libsystemd0~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo\", rpm:\"libsystemd0-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini\", rpm:\"libsystemd0-mini~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini-debuginfo\", rpm:\"libsystemd0-mini-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini-devel\", rpm:\"libudev-mini-devel~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1\", rpm:\"libudev-mini1~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1-debuginfo\", rpm:\"libudev-mini1-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1\", rpm:\"libudev1~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo\", rpm:\"libudev1-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname\", rpm:\"nss-myhostname~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo\", rpm:\"nss-myhostname-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines\", rpm:\"nss-mymachines~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-debuginfo\", rpm:\"nss-mymachines-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-systemd\", rpm:\"nss-systemd~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-systemd-debuginfo\", rpm:\"nss-systemd-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-container\", rpm:\"systemd-container~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-container-debuginfo\", rpm:\"systemd-container-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-coredump\", rpm:\"systemd-coredump~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-coredump-debuginfo\", rpm:\"systemd-coredump-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo\", rpm:\"systemd-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debugsource\", rpm:\"systemd-debugsource~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-logger\", rpm:\"systemd-logger~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini\", rpm:\"systemd-mini~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-container-mini\", rpm:\"systemd-mini-container-mini~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-container-mini-debuginfo\", rpm:\"systemd-mini-container-mini-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-coredump-mini\", rpm:\"systemd-mini-coredump-mini~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-coredump-mini-debuginfo\", rpm:\"systemd-mini-coredump-mini-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debuginfo\", rpm:\"systemd-mini-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debugsource\", rpm:\"systemd-mini-debugsource~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-devel\", rpm:\"systemd-mini-devel~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-sysvinit\", rpm:\"systemd-mini-sysvinit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysvinit\", rpm:\"systemd-sysvinit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev\", rpm:\"udev~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-debuginfo\", rpm:\"udev-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini\", rpm:\"udev-mini~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini-debuginfo\", rpm:\"udev-mini-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit\", rpm:\"libsystemd0-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit-debuginfo\", rpm:\"libsystemd0-32bit-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel-32bit\", rpm:\"libudev-devel-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit\", rpm:\"libudev1-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit-debuginfo\", rpm:\"libudev1-32bit-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit\", rpm:\"nss-myhostname-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit-debuginfo\", rpm:\"nss-myhostname-32bit-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-32bit\", rpm:\"nss-mymachines-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-32bit-debuginfo\", rpm:\"nss-mymachines-32bit-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit\", rpm:\"systemd-32bit~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit-debuginfo\", rpm:\"systemd-32bit-debuginfo~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-bash-completion\", rpm:\"systemd-bash-completion~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-bash-completion\", rpm:\"systemd-mini-bash-completion~234~lp150.20.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-11T16:41:25", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18225", "CVE-2018-18226"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310814133", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814133", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814133\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2018-18225\", \"CVE-2018-18226\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:24:51 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to insufficient validation\n of user-supplied input processed by Steam In-Home Streaming (IHS) Discovery\n and Constrained Application Protocol (CoAP) dissector components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59009\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59008\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.4\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for tiff USN-3864-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100", "CVE-2018-7456"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843877", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3864_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for tiff USN-3864-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843877\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10963\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-18557\",\n \"CVE-2018-18661\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-23 04:01:44 +0100 (Wed, 23 Jan 2019)\");\n script_name(\"Ubuntu Update for tiff USN-3864-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3864-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3864-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the USN-3864-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that LibTIFF incorrectly handled\ncertain malformed images. If a user or automated system were tricked into opening a specially\ncrafted image, a remote attacker could crash the application, leading to a\ndenial of service, or possibly execute arbitrary code with user privileges.\");\n\n script_tag(name:\"affected\", value:\"tiff on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-7ubuntu0.10\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.3-7ubuntu0.10\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.9-5ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.9-5ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.9-6ubuntu0.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.9-6ubuntu0.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.6-1ubuntu0.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.6-1ubuntu0.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-399bce9f8f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2017-18013", "CVE-2018-17101", "CVE-2018-18661", "CVE-2017-9935", "CVE-2018-17100", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875294", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_399bce9f8f_libtiff_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-399bce9f8f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875294\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\",\n \"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\",\n \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-5784\", \"CVE-2018-18661\",\n \"CVE-2018-18557\");\n script_bugtraq_id(106054);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 12:40:41 +0530 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-399bce9f8f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n script_xref(name:\"FEDORA\", value:\"2018-399bce9f8f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4XDS4ASFUN75CXGD4A6LIXCBAL3H2HN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2018-399bce9f8f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"libtiff on Fedora 27.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:08:06", "description": "Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service:\n\nCVE-2017-11613\n\nDdenial of service vulnerability in the TIFFOpen function. A crafted\ninput will lead to a denial of service attack and can either make the\nsystem hand or trigger the OOM killer.\n\nCVE-2018-5784\n\nThere is an uncontrolled resource consumption in TIFFSetDirectory function\nof src/libtiff/tif_dir.c, which can cause denial of service through a\ncrafted tif file.", "cvss3": {}, "published": "2018-06-04T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tiff (DLA-1391-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5784", "CVE-2017-11613"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891391", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891391", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891391\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2018-5784\");\n script_name(\"Debian LTS: Security Advisory for tiff (DLA-1391-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-06-04 00:00:00 +0200 (Mon, 04 Jun 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n4.0.2-6+deb7u21.\n\nWe recommend that you upgrade your tiff packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service:\n\nCVE-2017-11613\n\nDdenial of service vulnerability in the TIFFOpen function. A crafted\ninput will lead to a denial of service attack and can either make the\nsystem hand or trigger the OOM killer.\n\nCVE-2018-5784\n\nThere is an uncontrolled resource consumption in TIFFSetDirectory function\nof src/libtiff/tif_dir.c, which can cause denial of service through a\ncrafted tif file.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5-alt-dev\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5-dev\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiffxx5\", ver:\"4.0.2-6+deb7u21\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:56:07", "description": "Multiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.", "cvss3": {}, "published": "2018-12-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4359-1 (wireshark - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-12086", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704359", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704359", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4359-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704359\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\",\n \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\",\n \"CVE-2018-19628\");\n script_name(\"Debian Security Advisory DSA 4359-1 (wireshark - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-27 00:00:00 +0100 (Thu, 27 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4359.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/wireshark\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark11\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap8\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwscodecs2\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil9\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-gtk\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-29T19:24:48", "description": "Multiple vulnerabilities were found in the journald component of\nsystemd which can lead to a crash or code execution.\n\nCVE-2018-16864\n\nAn allocation of memory without limits, that could result in the\nstack clashing with another memory region, was discovered in\nsystemd-journald when many entries are sent to the journal\nsocket. A local attacker, or a remote one if\nsystemd-journal-remote is used, may use this flaw to crash\nsystemd-journald or execute code with journald privileges.\n\nCVE-2018-16865\n\nAn allocation of memory without limits, that could result in the\nstack clashing with another memory region, was discovered in\nsystemd-journald when a program with long command line arguments\ncalls syslog. A local attacker may use this flaw to crash\nsystemd-journald or escalate his privileges. Versions through v240\nare vulnerable.", "cvss3": {}, "published": "2019-01-23T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for systemd (DLA-1639-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16865", "CVE-2018-16864"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891639", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891639", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891639\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_name(\"Debian LTS: Security Advisory for systemd (DLA-1639-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-23 00:00:00 +0100 (Wed, 23 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"systemd on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n215-17+deb8u9.\n\nWe recommend that you upgrade your systemd packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were found in the journald component of\nsystemd which can lead to a crash or code execution.\n\nCVE-2018-16864\n\nAn allocation of memory without limits, that could result in the\nstack clashing with another memory region, was discovered in\nsystemd-journald when many entries are sent to the journal\nsocket. A local attacker, or a remote one if\nsystemd-journal-remote is used, may use this flaw to crash\nsystemd-journald or execute code with journald privileges.\n\nCVE-2018-16865\n\nAn allocation of memory without limits, that could result in the\nstack clashing with another memory region, was discovered in\nsystemd-journald when a program with long command line arguments\ncalls syslog. A local attacker may use this flaw to crash\nsystemd-journald or escalate his privileges. Versions through v240\nare vulnerable.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-gudev-1.0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libgudev-1.0-0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libgudev-1.0-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-systemd\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-daemon-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-daemon0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-id128-0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-id128-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-journal-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-journal0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-login-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-login0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev-dev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev1\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-systemd\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-dbg\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-sysv\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"udev\", ver:\"215-17+deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-07T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-d41d114d3e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d41d114d3e_libtiff_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-d41d114d3e\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874654\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-07 05:57:03 +0200 (Thu, 07 Jun 2018)\");\n script_cve_id(\"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\", \"CVE-2018-10963\",\n \"CVE-2018-7456\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-d41d114d3e\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d41d114d3e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKX2HGAISSQTWZQMOCKXKTWFRBVDQJ5X\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~9.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-25T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-335aec0507", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5784", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874385", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874385", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_335aec0507_libtiff_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-335aec0507\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874385\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 08:52:12 +0200 (Wed, 25 Apr 2018)\");\n script_cve_id(\"CVE-2018-7456\", \"CVE-2018-5784\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-335aec0507\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-335aec0507\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6LK6EDCYCIL2IGCNYUQSBSSNT5O7VQK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~8.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:07:13", "description": "CVE-2018-0735\nSamuel Weiser reported a timing vulnerability in the OpenSSL ECDSA\nsignature generation, which might leak information to recover the\nprivate key.\n\nCVE-2018-5407\nAlejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar\nPereida Garcia and Nicola Tuveri reported a vulnerability to a\ntiming side channel attack, which might be used to recover the\nprivate key.", "cvss3": {}, "published": "2018-11-22T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for openssl (DLA-1586-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5407", "CVE-2018-0735"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891586", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891586", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891586\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-0735\", \"CVE-2018-5407\");\n script_name(\"Debian LTS: Security Advisory for openssl (DLA-1586-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-22 00:00:00 +0100 (Thu, 22 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.0.1t-1+deb8u10.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_tag(name:\"summary\", value:\"CVE-2018-0735\nSamuel Weiser reported a timing vulnerability in the OpenSSL ECDSA\nsignature generation, which might leak information to recover the\nprivate key.\n\nCVE-2018-5407\nAlejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar\nPereida Garcia and Nicola Tuveri reported a vulnerability to a\ntiming side channel attack, which might be used to recover the\nprivate key.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1t-1+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1t-1+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1t-1+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1t-1+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1t-1+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-04T16:42:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-29T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tiff (openSUSE-SU-2018:1834-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10963", "CVE-2018-8905", "CVE-2016-3632", "CVE-2017-11613", "CVE-2017-18013", "CVE-2016-8331", "CVE-2017-13726", "CVE-2018-7456"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851801", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851801", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851801\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-06-29 05:47:21 +0200 (Fri, 29 Jun 2018)\");\n script_cve_id(\"CVE-2016-3632\", \"CVE-2016-8331\", \"CVE-2017-11613\", \"CVE-2017-13726\",\n \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for tiff (openSUSE-SU-2018:1834-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tiff fixes the following issues:\n\n These security issues were fixed:\n\n - CVE-2017-18013: There was a Null-Pointer Dereference in the tif_print.c\n TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.\n (bsc#1074317)\n\n - CVE-2018-10963: The TIFFWriteDirectorySec() function in tif_dirwrite.c\n allowed remote attackers to cause a denial of service (assertion failure\n and application crash) via a crafted file, a different vulnerability\n than CVE-2017-13726. (bsc#1092949)\n\n - CVE-2018-7456: Prevent a NULL Pointer dereference in the function\n TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF\n information, a different vulnerability than CVE-2017-18013 (bsc#1082825)\n\n - CVE-2017-11613: Prevent denial of service in the TIFFOpen function.\n During the TIFFOpen process, td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input file. In the\n ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is\n called based on td_imagelength. If the value of td_imagelength is set\n close to the amount of system memory, it will hang the system or trigger\n the OOM killer (bsc#1082332)\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the function\n LZWDecodeCompat via a crafted TIFF file (bsc#1086408)\n\n - CVE-2016-8331: Prevent remote code execution because of incorrect\n handling of TIFF images. A crafted TIFF document could have lead to a\n type confusion vulnerability resulting in remote code execution. This\n vulnerability could have been be triggered via a TIFF file delivered to\n the application using LibTIFF's tag extension functionality (bsc#1007276)\n\n - CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to\n cause a denial of service (out-of-bounds write) or execute arbitrary\n code via a crafted TIFF image (bsc#974621)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-677=1\");\n\n script_tag(name:\"affected\", value:\"tiff on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1834-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-06/msg00049.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo-32bit\", rpm:\"libtiff5-debuginfo-32bit~4.0.9~31.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "description": "This host is running OpenSSL and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2018-04-23T00:00:00", "type": "openvas", "title": "OpenSSL: 1.0.2 < 1.0.2p / 1.1.0 < 1.1.0i Multiple Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0737"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310813154", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813154", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_cache_timing_info_disc_vuln_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL: 1.0.2 < 1.0.2p / 1.1.0 < 1.1.0i Multiple Vulnerabilities (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813154\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0737\");\n script_bugtraq_id(103766, 104442);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-23 18:50:10 +0530 (Mon, 23 Apr 2018)\");\n script_name(\"OpenSSL: 1.0.2 < 1.0.2p / 1.1.0 < 1.1.0i Multiple Vulnerabilities (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20180416.txt\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20180612.txt\");\n script_xref(name:\"URL\", value:\"http://seclists.org/oss-sec/2018/q2/50\");\n script_xref(name:\"URL\", value:\"https://github.com/openssl/openssl/commit/ea7abeeabf92b7aca160bdd0208636d4da69f4f4\");\n script_xref(name:\"URL\", value:\"https://github.com/openssl/openssl/commit/3984ef0b72831da8b3ece4745cac4f8575b19098\");\n script_xref(name:\"URL\", value:\"https://github.com/openssl/openssl/commit/6939eab03a6e23d2bd2c3f5e34fe1d48e542e787\");\n script_xref(name:\"URL\", value:\"https://github.com/openssl/openssl/commit/349a41da1ad88ad87825414752a8ff5fdd6a6c3f\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws exist due to:\n\n - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send\n a very large prime value to the client (CVE-2018-0732).\n\n - The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel\n attack (CVE-2018-0737).\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote attacker:\n\n - to cause the client to spend an unreasonably long period of time generating a key for this prime resulting\n in a hang until the client has finished. This could be exploited in a Denial Of Service attack (CVE-2018-0732).\n\n - with sufficient access to mount cache timing attacks during the RSA key generation process could recover the\n private key (CVE-2018-0737).\");\n\n script_tag(name:\"affected\", value:\"OpenSSL 1.1.0-1.1.0h and 1.0.2-1.0.2o.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL version 1.1.0i or 1.0.2p or\n later. See the references for more details.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"1.1.0\", test_version2:\"1.1.0h\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.1.0i\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nif( version_in_range( version:vers, test_version:\"1.0.2\", test_version2:\"1.0.2o\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.0.2p\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-67a6bf4ac1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2017-11613", "CVE-2017-18013", "CVE-2018-17101", "CVE-2018-18661", "CVE-2017-9935", "CVE-2018-17100", "CVE-2018-7456"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875292", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_67a6bf4ac1_libtiff_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-67a6bf4ac1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875292\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\", \"CVE-2017-11613\",\n \"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\", \"CVE-2018-10963\",\n \"CVE-2018-7456\", \"CVE-2018-18661\", \"CVE-2018-18557\");\n script_bugtraq_id(106054);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 12:40:48 +0530 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-67a6bf4ac1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-67a6bf4ac1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T7WN6B6ICKF57D6HQJVWPQYDNBPP2VY6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2018-67a6bf4ac1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"libtiff on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:37:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-11-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2018:3890-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852145", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852145\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-26 15:08:57 +0100 (Mon, 26 Nov 2018)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2018:3890-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3890-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00043.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_1'\n package(s) announced via the openSUSE-SU-2018:3890-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: timing vulnerability in DSA signature generation\n (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature generation\n (bsc#1113651).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1465=1\");\n\n script_tag(name:\"affected\", value:\"openssl-1_1 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel\", rpm:\"libopenssl-1_1-devel~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1\", rpm:\"libopenssl1_1~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-debuginfo\", rpm:\"libopenssl1_1-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac\", rpm:\"libopenssl1_1-hmac~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1\", rpm:\"openssl-1_1~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debuginfo\", rpm:\"openssl-1_1-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debugsource\", rpm:\"openssl-1_1-debugsource~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-doc\", rpm:\"openssl-1_1-doc~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel-32bit\", rpm:\"libopenssl-1_1-devel-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit\", rpm:\"libopenssl1_1-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit-debuginfo\", rpm:\"libopenssl1_1-32bit-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac-32bit\", rpm:\"libopenssl1_1-hmac-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-06-05T01:40:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-02T00:00:00", "type": "openvas", "title": "Fedora Update for xen FEDORA-2019-1f5832fc0e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19962", "CVE-2018-12126", "CVE-2018-19963", "CVE-2018-19965", "CVE-2018-12127", "CVE-2018-18883", "CVE-2018-19961", "CVE-2018-19966", "CVE-2018-19967", "CVE-2018-19964", "CVE-2019-11091", "CVE-2018-12130"], "modified": "2019-06-04T00:00:00", "id": "OPENVAS:1361412562310876441", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876441", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876441\");\n script_version(\"2019-06-04T07:02:10+0000\");\n script_cve_id(\"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19963\", \"CVE-2018-19964\", \"CVE-2018-19966\", \"CVE-2018-19967\", \"CVE-2018-18883\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-04 07:02:10 +0000 (Tue, 04 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-02 02:14:45 +0000 (Sun, 02 Jun 2019)\");\n script_name(\"Fedora Update for xen FEDORA-2019-1f5832fc0e\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1f5832fc0e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the FEDORA-2019-1f5832fc0e advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the XenD daemon and xm command line\ntools, needed to manage virtual machines running under the\nXen hypervisor\");\n\n script_tag(name:\"affected\", value:\"'xen' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.11.1~5.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-05-04T15:24:43", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4349-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 30, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tiff\nCVE ID : CVE-2017-11613 CVE-2017-17095 CVE-2018-5784\n CVE-2018-7456 CVE-2018-8905 CVE-2018-10963\n\t\t CVE-2018-17101 CVE-2018-18557 CVE-2018-15209\n\t\t CVE-2018-16335\n\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.0.8-2+deb9u4.\n\nWe recommend that you upgrade your tiff packages.\n\nFor the detailed security status of tiff please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/tiff\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-11-30T22:41:54", "type": "debian", "title": "[SECURITY] [DSA 4349-1] tiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11613", "CVE-2017-17095", "CVE-2018-10963", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2018-11-30T22:41:54", "id": "DEBIAN:DSA-4349-1:DA7EF", "href": "https://lists.debian.org/debian-security-announce/2018/msg00281.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-04T15:24:15", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4369-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 14, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xen\nCVE ID : CVE-2018-19961 CVE-2018-19962 CVE-2018-19965\n CVE-2018-19966 CVE-2018-19967\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-19961 / CVE-2018-19962\n\n Paul Durrant discovered that incorrect TLB handling could result in\n denial of service, privilege escalation or information leaks.\n\nCVE-2018-19965\n\n Matthew Daley discovered that incorrect handling of the INVPCID\n instruction could result in denial of service by PV guests.\n\nCVE-2018-19966\n\n It was discovered that a regression in the fix to address\n CVE-2017-15595 could result in denial of service, privilege\n escalation or information leaks by a PV guest.\n\nCVE-2018-19967\n\n It was discovered that an error in some Intel CPUs could result in\n denial of service by a guest instance.\n \nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.5+shim4.10.2+xsa282-1+deb9u11.\n\nWe recommend that you upgrade your xen packages.\n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-01-14T22:09:42", "type": "debian", "title": "[SECURITY] [DSA 4369-1] xen security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15595", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966", "CVE-2018-19967"], "modified": "2019-01-14T22:09:42", "id": "DEBIAN:DSA-4369-1:07573", "href": "https://lists.debian.org/debian-security-announce/2019/msg00007.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-04T15:24:48", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4348-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 30, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0735 CVE-2018-0737 \n CVE-2018-5407\n\nSeveral local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0j-1~deb9u1. Going forward, openssl security updates for\nstretch will be based on the 1.1.0x upstream releases.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-30T22:26:20", "type": "debian", "title": "[SECURITY] [DSA 4348-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2018-11-30T22:26:20", "id": "DEBIAN:DSA-4348-1:05673", "href": "https://lists.debian.org/debian-security-announce/2018/msg00280.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-01T15:13:24", "description": "Package : xen\nVersion : 4.4.4lts5-0+deb8u1\nCVE ID : CVE-2018-19961 CVE-2018-19962 CVE-2018-19966\nXSA ID : XSA-275 XSA-280 XSA-285 XSA-287 XSA-288\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, informations leaks or privilege\nescalation.\n \nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n4.4.4lts5-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-10-08T12:40:59", "type": "debian", "title": "[SECURITY] [DLA 1949-1] xen security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19966"], "modified": "2019-10-08T12:40:59", "id": "DEBIAN:DLA-1949-1:95A46", "href": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-04T15:24:33", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4355-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 19, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl1.0\nCVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407\n\nSeveral local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for\nstretch will be based on the 1.0.2x upstream releases.\n\nWe recommend that you upgrade your openssl1.0 packages.\n\nFor the detailed security status of openssl1.0 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openssl1.0\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-19T22:29:59", "type": "debian", "title": "[SECURITY] [DSA 4355-1] openssl1.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2018-12-19T22:29:59", "id": "DEBIAN:DSA-4355-1:1415E", "href": "https://lists.debian.org/debian-security-announce/2018/msg00287.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-23T20:44:12", "description": "Package : tiff\nVersion : 4.0.3-12.3+deb8u6\nCVE ID : CVE-2017-11613 CVE-2018-5784 CVE-2018-7456\n CVE-2018-8905 CVE-2018-10963\nDebian Bug : 869823 898348 890441 891288 893806\n\nSeveral issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial-of-service or\nother unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability\n A crafted input will lead to a denial of service attack. During the\n TIFFOpen process, td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input file. In the\n ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc\n function is called based on td_imagelength. If the value of\n td_imagelength is set close to the amount of system memory, it will\n hang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability\n The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF\n allows remote attackers to cause a denial of service (assertion\n failure and application crash) via a crafted file, a different\n vulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability\n In LibTIFF, there is an uncontrolled resource consumption in the\n TIFFSetDirectory function of tif_dir.c. Remote attackers could\n leverage this vulnerability to cause a denial of service via a\n crafted tif file.\n This occurs because the declared number of directory entries is not\n validated against the actual number of directory entries.\n\nCVE-2018-7456: NULL Pointer Dereference\n A NULL Pointer Dereference occurs in the function TIFFPrintDirectory\n in tif_print.c in LibTIFF when using the tiffinfo tool to print\n crafted TIFF information, a different vulnerability than\n CVE-2017-18013. (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by the\n CVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow\n In LibTIFF, a heap-based buffer overflow occurs in the function\n LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as\n demonstrated by tiff2ps.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n4.0.3-12.3+deb8u6.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-02T14:49:43", "type": "debian", "title": "[SECURITY] [DLA 1411-1] tiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11613", "CVE-2017-13726", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2018-07-02T14:49:43", "id": "DEBIAN:DLA-1411-1:EBCC1", "href": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-14T18:43:13", "description": "Package : tiff\nVersion : 4.0.3-12.3+deb8u6\nCVE ID : CVE-2017-11613 CVE-2018-5784 CVE-2018-7456\n CVE-2018-8905 CVE-2018-10963\nDebian Bug : 869823 898348 890441 891288 893806\n\nSeveral issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial-of-service or\nother unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability\n A crafted input will lead to a denial of service attack. During the\n TIFFOpen process, td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input file. In the\n ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc\n function is called based on td_imagelength. If the value of\n td_imagelength is set close to the amount of system memory, it will\n hang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability\n The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF\n allows remote attackers to cause a denial of service (assertion\n failure and application crash) via a crafted file, a different\n vulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability\n In LibTIFF, there is an uncontrolled resource consumption in the\n TIFFSetDirectory function of tif_dir.c. Remote attackers could\n leverage this vulnerability to cause a denial of service via a\n crafted tif file.\n This occurs because the declared number of directory entries is not\n validated against the actual number of directory entries.\n\nCVE-2018-7456: NULL Pointer Dereference\n A NULL Pointer Dereference occurs in the function TIFFPrintDirectory\n in tif_print.c in LibTIFF when using the tiffinfo tool to print\n crafted TIFF information, a different vulnerability than\n CVE-2017-18013. (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by the\n CVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow\n In LibTIFF, a heap-based buffer overflow occurs in the function\n LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as\n demonstrated by tiff2ps.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n4.0.3-12.3+deb8u6.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-02T14:49:43", "type": "debian", "title": "[SECURITY] [DLA 1411-1] tiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11613", "CVE-2017-13726", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2018-07-02T14:49:43", "id": "DEBIAN:DLA-1411-1:A79C4", "href": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-04T15:24:16", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4367-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 13, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : systemd\nCVE ID : CVE-2018-16864 CVE-2018-16865 CVE-2018-16866\nDebian Bug : 918841 918848\n\nThe Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nalloca()s (CVE-2018-16864, CVE-2018-16865) and an out-of-bounds read flaw\nleading to an information leak (CVE-2018-16866), could allow an attacker to\ncause a denial of service or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at\nhttps://www.qualys.com/2019/01/09/system-down/system-down.txt\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 232-25+deb9u7.\n\nWe recommend that you upgrade your systemd packages.\n\nFor the detailed security status of systemd please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/systemd\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-13T21:56:20", "type": "debian", "title": "[SECURITY] [DSA 4367-1] systemd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-01-13T21:56:20", "id": "DEBIAN:DSA-4367-1:BF4F4", "href": "https://lists.debian.org/debian-security-announce/2019/msg00005.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T18:23:15", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4367-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 13, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : systemd\nCVE ID : CVE-2018-16864 CVE-2018-16865 CVE-2018-16866\nDebian Bug : 918841 918848\n\nThe Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nalloca()s (CVE-2018-16864, CVE-2018-16865) and an out-of-bounds read flaw\nleading to an information leak (CVE-2018-16866), could allow an attacker to\ncause a denial of service or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at\nhttps://www.qualys.com/2019/01/09/system-down/system-down.txt\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 232-25+deb9u7.\n\nWe recommend that you upgrade your systemd packages.\n\nFor the detailed security status of systemd please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/systemd\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-01-13T21:56:20", "type": "debian", "title": "[SECURITY] [DSA 4367-1] systemd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-01-13T21:56:20", "id": "DEBIAN:DSA-4367-1:3D2E5", "href": "https://lists.debian.org/debian-security-announce/2019/msg00005.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T16:01:46", "description": "Package : tiff\nVersion : 4.0.2-6+deb7u21\nCVE ID : CVE-2017-11613 CVE-2018-5784\nDebian Bug : #869823 #890441\n\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service:\n\nCVE-2017-11613\n\n Ddenial of service vulnerability in the TIFFOpen function. A crafted\n input will lead to a denial of service attack and can either make the\n system hand or trigger the OOM killer.\n\nCVE-2018-5784\n\n There is an uncontrolled resource consumption in TIFFSetDirectory function\n of src/libtiff/tif_dir.c, which can cause denial of service through a\n crafted tif file.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.0.2-6+deb7u21.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\n-- \ncheers,\n\tHolger\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-05-31T23:22:40", "type": "debian", "title": "[SECURITY] [DLA 1391-1] tiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11613", "CVE-2018-5784"], "modified": "2018-05-31T23:22:40", "id": "DEBIAN:DLA-1391-1:510FC", "href": "https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-01T15:41:23", "description": "Package : systemd\nVersion : 215-17+deb8u9\nCVE ID : CVE-2018-16864 CVE-2018-16865\nDebian Bug : 918841 918848\n\nMultiple vulnerabilities were found in the journald component of\nsystemd which can lead to a crash or code execution.\n\nCVE-2018-16864\n\n An allocation of memory without limits, that could result in the\n stack clashing with another memory region, was discovered in\n systemd-journald when many entries are sent to the journal\n socket. A local attacker, or a remote one if\n systemd-journal-remote is used, may use this flaw to crash\n systemd-journald or execute code with journald privileges.\n\nCVE-2018-16865\n\n An allocation of memory without limits, that could result in the\n stack clashing with another memory region, was discovered in\n systemd-journald when a program with long command line arguments\n calls syslog. A local attacker may use this flaw to crash\n systemd-journald or escalate his privileges. Versions through v240\n are vulnerable.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n215-17+deb8u9.\n\nWe recommend that you upgrade your systemd packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-01-23T04:26:20", "type": "debian", "title": "[SECURITY] [DLA 1639-1] systemd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-01-23T04:26:20", "id": "DEBIAN:DLA-1639-1:E2273", "href": "https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T13:50:22", "description": "Package : tiff\nVersion : 4.0.2-6+deb7u21\nCVE ID : CVE-2017-11613 CVE-2018-5784\nDebian Bug : #869823 #890441\n\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service:\n\nCVE-2017-11613\n\n Ddenial of service vulnerability in the TIFFOpen function. A crafted\n input will lead to a denial of service attack and can either make the\n system hand or trigger the OOM killer.\n\nCVE-2018-5784\n\n There is an uncontrolled resource consumption in TIFFSetDirectory function\n of src/libtiff/tif_dir.c, which can cause denial of service through a\n crafted tif file.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.0.2-6+deb7u21.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\n-- \ncheers,\n\tHolger\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-05-31T23:22:40", "type": "debian", "title": "[SECURITY] [DLA 1391-1] tiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11613", "CVE-2018-5784"], "modified": "2018-05-31T23:22:40", "id": "DEBIAN:DLA-1391-1:9EF01", "href": "https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-04T15:24:26", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4359-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 27, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nCVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226\n CVE-2018-18227 CVE-2018-19622 CVE-2018-19623\n\t\t CVE-2018-19624 CVE-2018-19625 CVE-2018-19626\n\t\t CVE-2018-19627 CVE-2018-19628\n\nMultiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-27T14:56:59", "type": "debian", "title": "[SECURITY] [DSA 4359-1] wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2018-12-27T14:56:59", "id": "DEBIAN:DSA-4359-1:68CD3", "href": "https://lists.debian.org/debian-security-announce/2018/msg00292.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-31T20:07:11", "description": "Package : openssl\nVersion : 1.0.1t-1+deb8u10\nCVE ID : CVE-2018-0735 CVE-2018-5407\n\n\nCVE-2018-0735\n Samuel Weiser reported a timing vulnerability in the OpenSSL ECDSA\n signature generation, which might leak information to recover the\n private key.\n\nCVE-2018-5407\n Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar\n Pereida Garcia and Nicola Tuveri reported a vulnerability to a\n timing side channel attack, which might be used to recover the\n private key.\n\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n1.0.1t-1+deb8u10.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-21T21:43:46", "type": "debian", "title": "[SECURITY] [DLA 1586-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0735", "CVE-2018-5407"], "modified": "2018-11-21T21:43:46", "id": "DEBIAN:DLA-1586-1:00096", "href": "https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-20T14:42:09", "description": "Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.", "cvss3": {}, "published": "2018-12-01T00:00:00", "type": "nessus", "title": "Debian DSA-4349-1 : tiff - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11613", "CVE-2017-17095", "CVE-2018-10963", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2019-04-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tiff", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4349.NASL", "href": "https://www.tenable.com/plugins/nessus/119314", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4349. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119314);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/05 23:25:05\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-17095\", \"CVE-2018-10963\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17101\", \"CVE-2018-18557\", \"CVE-2018-5784\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_xref(name:\"DSA\", value:\"4349\");\n\n script_name(english:\"Debian DSA-4349-1 : tiff - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the libtiff library\nand the included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/tiff\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/tiff\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4349\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tiff packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.0.8-2+deb9u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libtiff-doc\", reference:\"4.0.8-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtiff-opengl\", reference:\"4.0.8-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtiff-tools\", reference:\"4.0.8-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtiff5\", reference:\"4.0.8-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtiff5-dev\", reference:\"4.0.8-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtiffxx5\", reference:\"4.0.8-2+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:30", "description": "The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities. All of which allow a denial-of-service attack and one allowing privilege escalation as well as information disclosure.\nPlease refer to the vendor advisory for mitigating factors.", "cvss3": {}, "published": "2018-11-26T00:00:00", "type": "nessus", "title": "Citrix XenServer Multiple Vulnerabilities (CTX239432)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19967"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:citrix:xenserver"], "id": "CITRIX_XENSERVER_CTX239432.NASL", "href": "https://www.tenable.com/plugins/nessus/119148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119148);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19961\",\n \"CVE-2018-19962\",\n \"CVE-2018-19965\",\n \"CVE-2018-19967\"\n );\n script_bugtraq_id(105985, 106182);\n script_xref(name:\"IAVA\", value:\"2018-A-0381\");\n\n script_name(english:\"Citrix XenServer Multiple Vulnerabilities (CTX239432)\");\n script_summary(english:\"Checks for patches.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A server virtualization platform installed on the remote host is\nmissing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Citrix XenServer running on the remote host is missing\na security hotfix. It is, therefore, affected by multiple\nvulnerabilities. All of which allow a denial-of-service attack and one\nallowing privilege escalation as well as information disclosure.\nPlease refer to the vendor advisory for mitigating factors.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.citrix.com/article/CTX239432\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate hotfix according to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19961\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:citrix:xenserver\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"citrix_xenserver_version.nbin\");\n script_require_keys(\"Host/XenServer/version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\napp_info = vcf::xenserver::get_app_info();\n\nconstraints = [\n { \"equal\" : \"7.0\", \"patches\" : # XenServer 7.0\n [\"XS70E064\"] }, # CTX239434\n { \"equal\" : \"7.1.1\", \"patches\" : # XenServer 7.1 LTSR CU1\n [\"XS71ECU1032\"] }, # CTX239435\n { \"equal\" : \"7.5\", \"patches\" : # XenServer 7.5\n [\"XS75E007\"] }, # CTX239436\n { \"equal\" : \"7.6\", \"patches\" : # XenServer 7.6\n [\"XS76E002\"] } # CTX239437\n];\n\nvcf::xenserver::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:26:59", "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor :\n\n - CVE-2018-19961 / CVE-2018-19962 Paul Durrant discovered that incorrect TLB handling could result in denial of service, privilege escalation or information leaks.\n\n - CVE-2018-19965 Matthew Daley discovered that incorrect handling of the INVPCID instruction could result in denial of service by PV guests.\n\n - CVE-2018-19966 It was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege escalation or information leaks by a PV guest.\n\n - CVE-2018-19967 It was discovered that an error in some Intel CPUs could result in denial of service by a guest instance.", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "nessus", "title": "Debian DSA-4369-1 : xen - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15595", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966", "CVE-2018-19967"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:xen", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4369.NASL", "href": "https://www.tenable.com/plugins/nessus/121168", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4369. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121168);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\", \"CVE-2018-19967\");\n script_xref(name:\"DSA\", value:\"4369\");\n\n script_name(english:\"Debian DSA-4369-1 : xen - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the Xen hypervisor :\n\n - CVE-2018-19961 / CVE-2018-19962\n Paul Durrant discovered that incorrect TLB handling\n could result in denial of service, privilege escalation\n or information leaks.\n\n - CVE-2018-19965\n Matthew Daley discovered that incorrect handling of the\n INVPCID instruction could result in denial of service by\n PV guests.\n\n - CVE-2018-19966\n It was discovered that a regression in the fix to\n address CVE-2017-15595 could result in denial of\n service, privilege escalation or information leaks by a\n PV guest.\n\n - CVE-2018-19967\n It was discovered that an error in some Intel CPUs could\n result in denial of service by a guest instance.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-19961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-19962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-19965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-19966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-15595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-19967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/xen\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/xen\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4369\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xen packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.8.5+shim4.10.2+xsa282-1+deb9u11.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libxen-4.8\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libxen-dev\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libxenstore3.0\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-amd64\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-arm64\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-armhf\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-amd64\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-arm64\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-armhf\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-utils-4.8\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-utils-common\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xenstore-utils\", reference:\"4.8.5+shim4.10.2+xsa282-1+deb9u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:44", "description": "Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.", "cvss3": {}, "published": "2018-12-01T00:00:00", "type": "nessus", "title": "Debian DSA-4348-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4348.NASL", "href": "https://www.tenable.com/plugins/nessus/119313", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4348. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119313);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/18\");\n\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_xref(name:\"DSA\", value:\"4348\");\n\n script_name(english:\"Debian DSA-4348-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4348\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.1.0j-1~deb9u1. Going forward, openssl security updates\nfor stretch will be based on the 1.1.0x upstream releases.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-dev\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-doc\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openssl\", reference:\"1.1.0j-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:09:12", "description": "xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86:\nsteal_page violates page_struct access discipline [XSA-287] x86:\nInconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294]\n\n----\n\nupdate to xen-4.10.3\n\n----\n\n - insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275] (#1651665)\n\n - x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279]\n\n - Fix for XSA-240 conflicts with shadow paging [XSA-280]\n\n----\n\nguest use of HLE constructs may lock up host [XSA-282]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "Fedora 28 : xen (2019-bce6498890)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19963", "CVE-2018-19965", "CVE-2018-19966"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xen", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-BCE6498890.NASL", "href": "https://www.tenable.com/plugins/nessus/123046", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-bce6498890.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123046);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19963\", \"CVE-2018-19965\", \"CVE-2018-19966\");\n script_xref(name:\"FEDORA\", value:\"2019-bce6498890\");\n\n script_name(english:\"Fedora 28 : xen (2019-bce6498890)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xen: various flaws (#1685577) grant table transfer issues on large\nhosts [XSA-284] race with pass-through device hotplug [XSA-285] x86:\nsteal_page violates page_struct access discipline [XSA-287] x86:\nInconsistent PV IOMMU discipline [XSA-288] missing preemption in x86\nPV page table unvalidation [XSA-290] x86/PV: page type reference\ncounting issue with failed IOMMU update [XSA-291] x86: insufficient\nTLB flushing when using PCID [XSA-292] x86: PV kernel context switch\ncorruption [XSA-293] x86 shadow: Insufficient TLB flushing when using\nPCID [XSA-294]\n\n----\n\nupdate to xen-4.10.3\n\n----\n\n - insufficient TLB flushing / improper large page mappings\n with AMD IOMMUs [XSA-275] (#1651665)\n\n - x86: DoS from attempting to use INVPCID with a\n non-canonical addresses [XSA-279]\n\n - Fix for XSA-240 conflicts with shadow paging [XSA-280]\n\n----\n\nguest use of HLE constructs may lock up host [XSA-282]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-bce6498890\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"xen-4.10.3-2.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:11", "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalation. For Debian 8 'Jessie', these problems have been fixed in version 4.4.4lts5-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-09T00:00:00", "type": "nessus", "title": "Debian DLA-1949-1 : xen security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19966"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxen-4.4", "p-cpe:/a:debian:debian_linux:libxen-dev", "p-cpe:/a:debian:debian_linux:libxenstore3.0", "p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-amd64", "p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-arm64", "p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-armhf", "p-cpe:/a:debian:debian_linux:xen-system-amd64", "p-cpe:/a:debian:debian_linux:xen-system-arm64", "p-cpe:/a:debian:debian_linux:xen-system-armhf", "p-cpe:/a:debian:debian_linux:xen-utils-4.4", "p-cpe:/a:debian:debian_linux:xen-utils-common", "p-cpe:/a:debian:debian_linux:xenstore-utils", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1949.NASL", "href": "https://www.tenable.com/plugins/nessus/129734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1949-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129734);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19966\");\n\n script_name(english:\"Debian DLA-1949-1 : xen security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the Xen hypervisor,\nwhich could result in denial of service, informations leaks or\nprivilege escalation. For Debian 8 'Jessie', these problems have been\nfixed in version 4.4.4lts5-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/xen\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxen-4.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxen-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxenstore3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-hypervisor-4.4-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-system-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-system-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-system-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-utils-4.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-utils-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xenstore-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxen-4.4\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxen-dev\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxenstore3.0\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-hypervisor-4.4-amd64\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-hypervisor-4.4-arm64\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-hypervisor-4.4-armhf\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-system-amd64\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-system-arm64\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-system-armhf\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-utils-4.4\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-utils-common\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xenstore-utils\", reference:\"4.4.4lts5-0+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:41", "description": "According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 7.1.4. It is, therefore, affected by multiple vulnerabilities:\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of service vulnerability due to key handling during a TLS handshake. (CVE-2018-0732)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack.\n An attacker could leverage this vulnerability to recover the private key. (CVE-2018-0734)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's RSA Key generation algorithm that allows a cache timing side channel attack to recover the private key. (CVE-2018-0737)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's Simultaneous Multithreading (SMT) architectures which render it vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/a:tenable:nessus"], "id": "NESSUS_TNS_2018_17.NASL", "href": "https://www.tenable.com/plugins/nessus/120198", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120198);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2018-0732\",\n \"CVE-2018-0734\",\n \"CVE-2018-0737\",\n \"CVE-2018-5407\"\n );\n\n script_name(english:\"Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Tenable Nessus running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable Nessus application\nrunning on the remote host is prior to 7.1.4. It is, therefore,\naffected by multiple vulnerabilities:\n\n - Tenable Nessus contains a flaw in the bundled third-party\n component OpenSSL library's key handling during a TLS \n handshake that causes a denial of service vulnerability \n due to key handling during a TLS handshake. \n (CVE-2018-0732)\n\n - Tenable Nessus contains a flaw in the bundled third-party\n component OpenSSL library's DSA signature algorithm that\n renders it vulnerable to a timing side channel attack.\n An attacker could leverage this vulnerability to recover\n the private key. (CVE-2018-0734)\n\n - Tenable Nessus contains a flaw in the bundled third-party\n component OpenSSL library's RSA Key generation algorithm \n that allows a cache timing side channel attack to recover \n the private key. (CVE-2018-0737)\n\n - Tenable Nessus contains a flaw in the bundled third-party\n component OpenSSL library's Simultaneous Multithreading \n (SMT) architectures which render it vulnerable to \n side-channel leakage. This issue is known as 'PortSmash'. \n An attacker could possibly use this issue to perform a \n timing side-channel attack and recover private keys. \n (CVE-2018-5407)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2018-17\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable Nessus version 7.1.4 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nessus_detect.nasl\", \"nessus_installed_win.nbin\", \"nessus_installed_linux.nbin\", \"macos_nessus_installed.nbin\"); \t\t\t\t \n script_require_keys(\"installed_sw/Tenable Nessus\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar app_info, constraints;\n\napp_info = vcf::combined_get_app_info(app:'Tenable Nessus');\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"max_version\" : \"7.1.3\", \"fixed_version\" : \"7.1.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:17:29", "description": "Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.", "cvss3": {}, "published": "2018-12-20T00:00:00", "type": "nessus", "title": "Debian DSA-4355-1 : openssl1.0 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl1.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4355.NASL", "href": "https://www.tenable.com/plugins/nessus/119792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4355. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119792);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_xref(name:\"DSA\", value:\"4355\");\n\n script_name(english:\"Debian DSA-4355-1 : openssl1.0 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4355\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl1.0 packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates\nfor stretch will be based on the 1.0.2x upstream releases.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.0-dev\", reference:\"1.0.2q-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.0.2\", reference:\"1.0.2q-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:23", "description": "This update for tiff fixes the following security issues :\n\nThese security issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the tif_print.cTIFFPrintDirectory function that could have lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c, which allowed remote attackers to cause a denial of service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2018-07-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tiff (openSUSE-2018-728)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff5", "p-cpe:/a:novell:opensuse:libtiff5-32bit", "p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtiff5-debuginfo", "p-cpe:/a:novell:opensuse:tiff", "p-cpe:/a:novell:opensuse:tiff-debuginfo", "p-cpe:/a:novell:opensuse:tiff-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-728.NASL", "href": "https://www.tenable.com/plugins/nessus/111099", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-728.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111099);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2018-728)\");\n script_summary(english:\"Check for the openSUSE-2018-728 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following security issues :\n\nThese security issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the\n tif_print.cTIFFPrintDirectory function that could have\n lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the\n TIFFWriteDirectorySec() function in tif_dirwrite.c,\n which allowed remote attackers to cause a denial of\n service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the\n function TIFFPrintDirectory when using the tiffinfo tool\n to print crafted TIFF information, a different\n vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the\n TIFFOpen function. During the TIFFOpen process,\n td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input\n file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on\n td_imagelength. If the value of td_imagelength is set\n close to the amount of system memory, it will hang the\n system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the\n function LZWDecodeCompat via a crafted TIFF file\n (bsc#1086408).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1092949\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff-devel-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debugsource-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel / libtiff5 / libtiff5-debuginfo / tiff / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:18:59", "description": "According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2020-1924)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15209", "CVE-2018-16335", "CVE-2018-5784"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "p-cpe:/a:huawei:euleros:libtiff-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1924.NASL", "href": "https://www.tenable.com/plugins/nessus/140145", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140145);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15209\",\n \"CVE-2018-16335\",\n \"CVE-2018-5784\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2020-1924)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource\n consumption in the TIFFSetDirectory function of\n tif_dir.c. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted tif file. This occurs because the declared\n number of directory entries is not validated against\n the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c in LibTIFF 4.0.9 allows remote attackers\n to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as\n demonstrated by tiff2pdf. This is a different\n vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in\n LibTIFF 4.0.9 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted TIFF file, as demonstrated by\n tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1924\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?16a402da\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h24.eulerosv2r7\",\n \"libtiff-devel-4.0.3-27.h24.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:09", "description": "This update for tiff fixes the following security issues: These security issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the tif_print.cTIFFPrintDirectory function that could have lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c, which allowed remote attackers to cause a denial of service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2018:1889-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libtiff-devel", "p-cpe:/a:novell:suse_linux:libtiff5", "p-cpe:/a:novell:suse_linux:libtiff5-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libtiff5-debuginfo", "p-cpe:/a:novell:suse_linux:tiff-debuginfo", "p-cpe:/a:novell:suse_linux:tiff-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-1889-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120035", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1889-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120035);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2018:1889-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for tiff fixes the following security issues: These\nsecurity issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the\n tif_print.cTIFFPrintDirectory function that could have\n lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the\n TIFFWriteDirectorySec() function in tif_dirwrite.c,\n which allowed remote attackers to cause a denial of\n service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the\n function TIFFPrintDirectory when using the tiffinfo tool\n to print crafted TIFF information, a different\n vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the\n TIFFOpen function. During the TIFFOpen process,\n td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input\n file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on\n td_imagelength. If the value of td_imagelength is set\n close to the amount of system memory, it will hang the\n system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the\n function LZWDecodeCompat via a crafted TIFF file\n (bsc#1086408).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11613/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18013/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10963/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7456/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8905/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181889-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08282f1f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-1279=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1279=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff-devel-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff5-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff5-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tiff-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tiff-debugsource-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff-devel-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff5-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff5-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tiff-debuginfo-4.0.9-5.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tiff-debugsource-4.0.9-5.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:01", "description": "According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-11-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : libtiff (EulerOS-SA-2020-2448)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15209", "CVE-2018-16335", "CVE-2018-5784"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "p-cpe:/a:huawei:euleros:libtiff-devel", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2020-2448.NASL", "href": "https://www.tenable.com/plugins/nessus/142585", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142585);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15209\",\n \"CVE-2018-16335\",\n \"CVE-2018-5784\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : libtiff (EulerOS-SA-2020-2448)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource\n consumption in the TIFFSetDirectory function of\n tif_dir.c. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted tif file. This occurs because the declared\n number of directory entries is not validated against\n the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c in LibTIFF 4.0.9 allows remote attackers\n to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as\n demonstrated by tiff2pdf. This is a different\n vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in\n LibTIFF 4.0.9 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted TIFF file, as demonstrated by\n tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2448\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c4a5c8f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h24.eulerosv2r7\",\n \"libtiff-devel-4.0.3-27.h24.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:07:44", "description": "According to the versions of the libtiff package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.(CVE-2018-15209)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.(CVE-2018-5784)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-08T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libtiff (EulerOS-SA-2020-1963)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15209", "CVE-2018-16335", "CVE-2018-5784"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1963.NASL", "href": "https://www.tenable.com/plugins/nessus/140333", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140333);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15209\",\n \"CVE-2018-16335\",\n \"CVE-2018-5784\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libtiff (EulerOS-SA-2020-1963)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in\n LibTIFF 4.0.9 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted TIFF file, as demonstrated by\n tiff2pdf.(CVE-2018-15209)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c in LibTIFF 4.0.9 allows remote attackers\n to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as\n demonstrated by tiff2pdf. This is a different\n vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource\n consumption in the TIFFSetDirectory function of\n tif_dir.c. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted tif file. This occurs because the declared\n number of directory entries is not validated against\n the actual number of directory entries.(CVE-2018-5784)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1963\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1aa739db\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h24\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:14", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - core: Queue loading transient units after setting their properties. (bsc#1115518)\n\n - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\n - terminal-util: introduce vt_release() and vt_restore() helpers.\n\n - terminal: Unify code for resetting kbd utf8 mode a bit.\n\n - terminal Reset should honour default_utf8 kernel setting.\n\n - logind: Make session_restore_vt() static.\n\n - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)\n\n - log: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : systemd (openSUSE-2019-97)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsystemd0", "p-cpe:/a:novell:opensuse:libsystemd0-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-mini", "p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev-devel", "p-cpe:/a:novell:opensuse:libudev-mini-devel", "p-cpe:/a:novell:opensuse:libudev-mini1", "p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1", "p-cpe:/a:novell:opensuse:libudev1-32bit", "p-cpe:/a:novell:opensuse:libudev1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit", "p-cpe:/a:novell:opensuse:nss-mymachines", "p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo", "p-cpe:/a:novell:opensuse:systemd", "p-cpe:/a:novell:opensuse:systemd-32bit", "p-cpe:/a:novell:opensuse:systemd-bash-completion", "p-cpe:/a:novell:opensuse:systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit", "p-cpe:/a:novell:opensuse:systemd-debugsource", "p-cpe:/a:novell:opensuse:systemd-devel", "p-cpe:/a:novell:opensuse:systemd-logger", "p-cpe:/a:novell:opensuse:systemd-mini", "p-cpe:/a:novell:opensuse:systemd-mini-bash-completion", "p-cpe:/a:novell:opensuse:systemd-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-devel", "p-cpe:/a:novell:opensuse:systemd-mini-sysvinit", "p-cpe:/a:novell:opensuse:systemd-sysvinit", "p-cpe:/a:novell:opensuse:udev", "p-cpe:/a:novell:opensuse:udev-debuginfo", "p-cpe:/a:novell:opensuse:udev-mini", "p-cpe:/a:novell:opensuse:udev-mini-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-97.NASL", "href": "https://www.tenable.com/plugins/nessus/121463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-97.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121463);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n\n script_name(english:\"openSUSE Security Update : systemd (openSUSE-2019-97)\");\n script_summary(english:\"Check for the openSUSE-2019-97 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory\n corruptions through attacker-controlled alloca()s\n (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald\n (bsc#1120323)\n\n - Fixed an issue during system startup in relation to\n encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - core: Queue loading transient units after setting their\n properties. (bsc#1115518)\n\n - logind: Stop managing VT switches if no sessions are\n registered on that VT. (bsc#1101591)\n\n - terminal-util: introduce vt_release() and vt_restore()\n helpers.\n\n - terminal: Unify code for resetting kbd utf8 mode a bit.\n\n - terminal Reset should honour default_utf8 kernel\n setting.\n\n - logind: Make session_restore_vt() static.\n\n - udev: Downgrade message when settting inotify watch up\n fails. (bsc#1005023)\n\n - log: Never log into foreign fd #2 in PID 1 or its\n pre-execve() children. (bsc#1114981)\n\n - udev: Ignore the exit code of systemd-detect-virt for\n memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules\n has a memory hot-add rule that uses systemd-detect-virt\n to detect non-zvm environment. The systemd-detect-virt\n returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory\n block can not be set to online. (bsc#1076696)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-bash-completion-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debugsource-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-logger-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-bash-completion-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debugsource-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-sysvinit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-sysvinit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-65.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsystemd0-mini / libsystemd0-mini-debuginfo / libudev-mini-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:58", "description": "According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.(CVE-2018-15209)\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.(CVE-2018-5784)\n\n - A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)(CVE-2018-7456)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-11-03T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libtiff (EulerOS-SA-2020-2361)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18013", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-5784", "CVE-2018-7456"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:libtiff", "p-cpe:/a:huawei:euleros:libtiff-devel"], "id": "EULEROS_SA-2020-2361.NASL", "href": "https://www.tenable.com/plugins/nessus/142358", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142358);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15209\",\n \"CVE-2018-16335\",\n \"CVE-2018-5784\",\n \"CVE-2018-7456\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libtiff (EulerOS-SA-2020-2361)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c in LibTIFF 4.0.9 allows remote attackers\n to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as\n demonstrated by tiff2pdf. This is a different\n vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in\n LibTIFF 4.0.9 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted TIFF file, as demonstrated by\n tiff2pdf.(CVE-2018-15209)\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource\n consumption in the TIFFSetDirectory function of\n tif_dir.c. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted tif file. This occurs because the declared\n number of directory entries is not validated against\n the actual number of directory entries.(CVE-2018-5784)\n\n - A NULL Pointer Dereference occurs in the function\n TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when\n using the tiffinfo tool to print crafted TIFF\n information, a different vulnerability than\n CVE-2017-18013. (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by\n the CVE-2017-18013 patch.)(CVE-2018-7456)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2361\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0214a9fa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h19\",\n \"libtiff-devel-4.0.3-27.h19\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:37", "description": "This update for tiff fixes the following security issues :\n\nThese security issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the tif_print.cTIFFPrintDirectory function that could have lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c, which allowed remote attackers to cause a denial of service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tiff (openSUSE-2019-508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff5", "p-cpe:/a:novell:opensuse:libtiff5-32bit", "p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtiff5-debuginfo", "p-cpe:/a:novell:opensuse:tiff", "p-cpe:/a:novell:opensuse:tiff-debuginfo", "p-cpe:/a:novell:opensuse:tiff-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-508.NASL", "href": "https://www.tenable.com/plugins/nessus/123213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-508.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-18013\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2019-508)\");\n script_summary(english:\"Check for the openSUSE-2019-508 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following security issues :\n\nThese security issues were fixed :\n\n - CVE-2017-18013: Fixed a NULL pointer dereference in the\n tif_print.cTIFFPrintDirectory function that could have\n lead to denial of service (bsc#1074317).\n\n - CVE-2018-10963: Fixed an assertion failure in the\n TIFFWriteDirectorySec() function in tif_dirwrite.c,\n which allowed remote attackers to cause a denial of\n service via a crafted file (bsc#1092949).\n\n - CVE-2018-7456: Prevent a NULL pointer dereference in the\n function TIFFPrintDirectory when using the tiffinfo tool\n to print crafted TIFF information, a different\n vulnerability than CVE-2017-18013 (bsc#1082825).\n\n - CVE-2017-11613: Prevent denial of service in the\n TIFFOpen function. During the TIFFOpen process,\n td_imagelength is not checked. The value of\n td_imagelength can be directly controlled by an input\n file. In the ChopUpSingleUncompressedStrip function, the\n _TIFFCheckMalloc function is called based on\n td_imagelength. If the value of td_imagelength is set\n close to the amount of system memory, it will hang the\n system or trigger the OOM killer (bsc#1082332).\n\n - CVE-2018-8905: Prevent heap-based buffer overflow in the\n function LZWDecodeCompat via a crafted TIFF file\n (bsc#1086408).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1092949\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff-devel-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debugsource-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-lp150.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-lp150.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel-32bit / libtiff-devel / libtiff5-32bit / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:39:24", "description": "Several issues were discovered in TIFF, the Tag Image File Format library, that allowed remote attackers to cause a denial of service or other unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the\n_TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability In LibTIFF, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c.\nRemote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.\n\nCVE-2018-7456: NULL pointer Dereference A NULL pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow In LibTIFF, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 4.0.3-12.3+deb8u6.\n\nWe recommend that you upgrade your tiff packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-07-03T00:00:00", "type": "nessus", "title": "Debian DLA-1411-1 : tiff security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11613", "CVE-2017-13726", "CVE-2017-18013", "CVE-2018-10963", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libtiff-doc", "p-cpe:/a:debian:debian_linux:libtiff-opengl", "p-cpe:/a:debian:debian_linux:libtiff-tools", "p-cpe:/a:debian:debian_linux:libtiff5", "p-cpe:/a:debian:debian_linux:libtiff5-dev", "p-cpe:/a:debian:debian_linux:libtiffxx5", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1411.NASL", "href": "https://www.tenable.com/plugins/nessus/110840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1411-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110840);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2018-10963\", \"CVE-2018-5784\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n\n script_name(english:\"Debian DLA-1411-1 : tiff security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues were discovered in TIFF, the Tag Image File Format\nlibrary, that allowed remote attackers to cause a denial of service or\nother unspecified impact via a crafted image file.\n\nCVE-2017-11613: DoS vulnerability A crafted input will lead to a\ndenial of service attack. During the TIFFOpen process, td_imagelength\nis not checked. The value of td_imagelength can be directly controlled\nby an input file. In the ChopUpSingleUncompressedStrip function, the\n_TIFFCheckMalloc function is called based on td_imagelength. If the\nvalue of td_imagelength is set close to the amount of system memory,\nit will hang the system or trigger the OOM killer.\n\nCVE-2018-10963: DoS vulnerability The TIFFWriteDirectorySec() function\nin tif_dirwrite.c in LibTIFF allows remote attackers to cause a denial\nof service (assertion failure and application crash) via a crafted\nfile, a different vulnerability than CVE-2017-13726.\n\nCVE-2018-5784: DoS vulnerability In LibTIFF, there is an uncontrolled\nresource consumption in the TIFFSetDirectory function of tif_dir.c.\nRemote attackers could leverage this vulnerability to cause a denial\nof service via a crafted tif file. This occurs because the declared\nnumber of directory entries is not validated against the actual number\nof directory entries.\n\nCVE-2018-7456: NULL pointer Dereference A NULL pointer Dereference\noccurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF\nwhen using the tiffinfo tool to print crafted TIFF information, a\ndifferent vulnerability than CVE-2017-18013. (This affects an earlier\npart of the TIFFPrintDirectory function that was not addressed by the\nCVE-2017-18013 patch.)\n\nCVE-2018-8905: Heap-based buffer overflow In LibTIFF, a heap-based\nbuffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c\nvia a crafted TIFF file, as demonstrated by tiff2ps.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.0.3-12.3+deb8u6.\n\nWe recommend that you upgrade your tiff packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tiff\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiffxx5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-doc\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-opengl\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-tools\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5-dev\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiffxx5\", reference:\"4.0.3-12.3+deb8u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:10:13", "description": "According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2020-2145)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15209", "CVE-2018-16335", "CVE-2018-5784"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "p-cpe:/a:huawei:euleros:libtiff-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2145.NASL", "href": "https://www.tenable.com/plugins/nessus/140912", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140912);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15209\",\n \"CVE-2018-16335\",\n \"CVE-2018-5784\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2020-2145)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In LibTIFF 4.0.9, there is an uncontrolled resource\n consumption in the TIFFSetDirectory function of\n tif_dir.c. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted tif file. This occurs because the declared\n number of directory entries is not validated against\n the actual number of directory entries.(CVE-2018-5784)\n\n - newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c in LibTIFF 4.0.9 allows remote attackers\n to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as\n demonstrated by tiff2pdf. This is a different\n vulnerability than CVE-2018-15209.(CVE-2018-16335)\n\n - ChopUpSingleUncompressedStrip in tif_dirread.c in\n LibTIFF 4.0.9 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted TIFF file, as demonstrated by\n tiff2pdf.(CVE-2018-15209)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2145\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0d2a5903\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h19\",\n \"libtiff-devel-4.0.3-27.h19\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:02", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nFixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed: core: Queue loading transient units after setting their properties. (bsc#1115518)\n\nlogind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\nterminal-util: introduce vt_release() and vt_restore() helpers.\n\nterminal: Unify code for resetting kbd utf8 mode a bit.\n\nterminal Reset should honour default_utf8 kernel setting.\n\nlogind: Make session_restore_vt() static.\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nlog: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0135-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0135-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121303", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0135-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121303);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0135-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\nattacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nFixed an issue during system startup in relation to encrypted swap\ndisks (bsc#1119971)\n\nNon-security issues fixed: core: Queue loading transient units after\nsetting their properties. (bsc#1115518)\n\nlogind: Stop managing VT switches if no sessions are registered on\nthat VT. (bsc#1101591)\n\nterminal-util: introduce vt_release() and vt_restore() helpers.\n\nterminal: Unify code for resetting kbd utf8 mode a bit.\n\nterminal Reset should honour default_utf8 kernel setting.\n\nlogind: Make session_restore_vt() static.\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nlog: Never log into foreign fd #2 in PID 1 or its pre-execve()\nchildren. (bsc#1114981)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\nuses systemd-detect-virt to detect non-zvm environment. The\nsystemd-detect-virt returns exit failure code when it detected _none_\nstate. The exit failure code causes that the hot-add memory block can\nnot be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16864/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16865/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16866/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190135-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26e98101\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-135=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-135=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-135=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-135=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:40", "description": "The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocations using the alloca function (CVE-2018-16864, CVE-2018-16865 ) and an out-of-bounds read flaw leading to an information leak (CVE-2018-16866 ), could allow an attacker to cause a denial of service or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at https://www.qualys.com/2019/01/09/system-down/system-down.txt", "cvss3": {}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Debian DSA-4367-1 : systemd - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-05-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:systemd", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4367.NASL", "href": "https://www.tenable.com/plugins/nessus/121136", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4367. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121136);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"DSA\", value:\"4367\");\n\n script_name(english:\"Debian DSA-4367-1 : systemd - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function (CVE-2018-16864, CVE-2018-16865\n) and an out-of-bounds read flaw leading to an information leak\n(CVE-2018-16866 ), could allow an attacker to cause a denial of\nservice or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at\nhttps://www.qualys.com/2019/01/09/system-down/system-down.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.qualys.com/2019/01/09/system-down/system-down.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4367\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the systemd packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 232-25+deb9u7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnss-myhostname\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-mymachines\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-resolve\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd-dev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd0\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev-dev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1-udeb\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-container\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-coredump\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-journal-remote\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-sysv\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev-udeb\", reference:\"232-25+deb9u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:51", "description": "- systemd-journald and systemd-journal-remote reject entries which contain too many fields (CVE-2018-16865, #1664973) and set limits on the process' command line length (CVE-2018-16864, #1664972)\n\n - Fix out-of-bounds read when parsing a crafted syslog message in systemd-journald (CVE-2018-16866, #1664975)\n\n - A signal is again used to stop user sessions instead of dbus (#1664491)\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Fedora 29 : systemd (2019-18b3a10c7f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:systemd", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-18B3A10C7F.NASL", "href": "https://www.tenable.com/plugins/nessus/121138", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-18b3a10c7f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121138);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/23 11:21:09\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"FEDORA\", value:\"2019-18b3a10c7f\");\n\n script_name(english:\"Fedora 29 : systemd (2019-18b3a10c7f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - systemd-journald and systemd-journal-remote reject\n entries which contain too many fields (CVE-2018-16865,\n #1664973) and set limits on the process' command line\n length (CVE-2018-16864, #1664972)\n\n - Fix out-of-bounds read when parsing a crafted syslog\n message in systemd-journald (CVE-2018-16866, #1664975)\n\n - A signal is again used to stop user sessions instead of\n dbus (#1664491)\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-18b3a10c7f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"systemd-239-8.gite339eae.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:12", "description": "It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16864)\n\nIt was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16865)\n\nAn out-of-bounds read was discovered in systemd-journald. A local attacker could potentially exploit this to obtain sensitive information and bypass ASLR protections. (CVE-2018-16866).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3855-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:systemd", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3855-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121161", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3855-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121161);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"USN\", value:\"3855-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3855-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that systemd-journald allocated variable-length\nbuffers for certain message fields on the stack. A local attacker\ncould potentially exploit this to cause a denial of service, or\nexecute arbitrary code. (CVE-2018-16864)\n\nIt was discovered that systemd-journald allocated variable-length\narrays of objects representing message fields on the stack. A local\nattacker could potentially exploit this to cause a denial of service,\nor execute arbitrary code. (CVE-2018-16865)\n\nAn out-of-bounds read was discovered in systemd-journald. A local\nattacker could potentially exploit this to obtain sensitive\ninformation and bypass ASLR protections. (CVE-2018-16866).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3855-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"systemd\", pkgver:\"229-4ubuntu21.15\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"systemd\", pkgver:\"237-3ubuntu10.11\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"systemd\", pkgver:\"239-7ubuntu10.6\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:20", "description": "Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. (CVE-2018-16864)\n\nLarge native messages to journald can cause stack corruption, leading to possible local privilege escalation.(CVE-2018-16865)\n\nPlease note, if you have systemd-journald-remote configured over http, then you could be open to remote escalation on previous versions of the systemd package. The systemd-journald-remote service is not installed by default on Amazon Linux 2, and when installed and enabled, the default configuration is to use https. (CVE-2018-16865)\n\nAn out-of-bounds read in journald, triggered by a specially crafted message, can be used to leak information through the journal file (CVE-2018-16866)", "cvss3": {}, "published": "2019-01-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : systemd (ALAS-2019-1141)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-05-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libgudev1", "p-cpe:/a:amazon:linux:libgudev1-devel", "p-cpe:/a:amazon:linux:systemd", "p-cpe:/a:amazon:linux:systemd-debuginfo", "p-cpe:/a:amazon:linux:systemd-devel", "p-cpe:/a:amazon:linux:systemd-journal-gateway", "p-cpe:/a:amazon:linux:systemd-libs", "p-cpe:/a:amazon:linux:systemd-networkd", "p-cpe:/a:amazon:linux:systemd-python", "p-cpe:/a:amazon:linux:systemd-resolved", "p-cpe:/a:amazon:linux:systemd-sysv", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1141.NASL", "href": "https://www.tenable.com/plugins/nessus/121050", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1141.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121050);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/05/17 9:44:16\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"ALAS\", value:\"2019-1141\");\n\n script_name(english:\"Amazon Linux 2 : systemd (ALAS-2019-1141)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Large syslogd messages sent to journald can cause stack corruption,\ncausing journald to crash. The version of systemd on Amazon Linux 2 is\nnot vulnerable to privilege escalation in this case. (CVE-2018-16864)\n\nLarge native messages to journald can cause stack corruption, leading\nto possible local privilege escalation.(CVE-2018-16865)\n\nPlease note, if you have systemd-journald-remote configured over http,\nthen you could be open to remote escalation on previous versions of\nthe systemd package. The systemd-journald-remote service is not\ninstalled by default on Amazon Linux 2, and when installed and\nenabled, the default configuration is to use https. (CVE-2018-16865)\n\nAn out-of-bounds read in journald, triggered by a specially crafted\nmessage, can be used to leak information through the journal file\n(CVE-2018-16866)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1141.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update systemd' then reboot your instance, to update your\nsystem.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"libgudev1-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libgudev1-devel-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-debuginfo-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-devel-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-journal-gateway-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-libs-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-networkd-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-python-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-resolved-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-sysv-219-57.amzn2.0.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:41", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host, resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988)\n\n - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).\n\n - Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140).\n\n - Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141).\n\n - Fixed an issue which could allow a malicious unprivileged guest userspace process to escalate its privilege to that of other userspace processes in the same guest and potentially thereby to that of the guest operating system (bsc#1126201).\n\n - CVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process to read uninitialised stack memory contents (bsc#1129623).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\n - CVE-2018-19965: Fixed denial of service issue from attempting to use INVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047).\n\n - Fixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack (bsc#1126198).\n\n - Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).\n\n - Fixed an issue which could allow malicious 64bit PV guests to cause a host crash (bsc#1127400).\n\n - Fixed an issue which could allow malicious or buggy x86 PV guest kernels to mount a Denial of Service attack affecting the whole system (bsc#1126197).\n\n - Fixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own pagetables leading to privilege escalation (bsc#1126195).\n\n - Fixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service attack affecting the whole system (bsc#1126196).\n\nOther issues addressed :\n\n - Upstream bug fixes (bsc#1027519)\n\n - Fixed an issue where live migrations were failing when spectre was enabled on xen boot cmdline (bsc#1116380).\n\n - Fixed an issue where setup of grant_tables and other variables may fail (bsc#1126325).\n\n - Fixed a building issue (bsc#1119161).\n\n - Fixed an issue where xpti=no-dom0 was not working as expected (bsc#1105528).\n\n - Packages should no longer use /var/adm/fillup-templates (bsc#1069468). \n\n - Added Xen cmdline option 'suse_vtsc_tolerance' to avoid TSC emulation for HVM domUs (bsc#1026236).\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update project.", "cvss3": {}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-2019-1226)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19665", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966", "CVE-2018-19967", "CVE-2019-6778", "CVE-2019-9824"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1226.NASL", "href": "https://www.tenable.com/plugins/nessus/124147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1226.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124147);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-19665\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\", \"CVE-2018-19967\", \"CVE-2019-6778\", \"CVE-2019-9824\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-2019-1226)\");\n script_summary(english:\"Check for the openSUSE-2019-1226 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-19967: Fixed HLE constructs that allowed guests\n to lock up the host, resulting in a Denial of Service\n (DoS). (XSA-282) (bsc#1114988)\n\n - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu()\n found in slirp (bsc#1123157).\n\n - Fixed an issue which could allow malicious or buggy\n guests with passed through PCI devices to be able to\n escalate their privileges, crash the host, or access\n data belonging to other guests. Additionally memory\n leaks were also possible (bsc#1126140).\n\n - Fixed a race condition issue which could allow malicious\n PV guests to escalate their privilege to that of the\n hypervisor (bsc#1126141).\n\n - Fixed an issue which could allow a malicious\n unprivileged guest userspace process to escalate its\n privilege to that of other userspace processes in the\n same guest and potentially thereby to that of the guest\n operating system (bsc#1126201).\n\n - CVE-2019-9824: Fixed an information leak in SLiRP\n networking implementation which could allow a\n user/process to read uninitialised stack memory contents\n (bsc#1129623).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB\n flushing / improper large page mappings with AMD IOMMUs\n (XSA-275)(bsc#1115040).\n\n - CVE-2018-19965: Fixed denial of service issue from\n attempting to use INVPCID with a non-canonical addresses\n (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that\n could have caused conflicts with shadow paging\n (XSA-280)(bsc#1115047).\n\n - Fixed an issue which could allow malicious PV guests may\n cause a host crash or gain access to data pertaining to\n other guests.Additionally, vulnerable configurations are\n likely to be unstable even in the absence of an attack\n (bsc#1126198).\n\n - Fixed multiple access violations introduced by\n XENMEM_exchange hypercall which could allow a single PV\n guest to leak arbitrary amounts of memory, leading to a\n denial of service (bsc#1126192).\n\n - Fixed an issue which could allow malicious 64bit PV\n guests to cause a host crash (bsc#1127400).\n\n - Fixed an issue which could allow malicious or buggy x86\n PV guest kernels to mount a Denial of Service attack\n affecting the whole system (bsc#1126197).\n\n - Fixed an issue which could allow an untrusted PV domain\n with access to a physical device to DMA into its own\n pagetables leading to privilege escalation\n (bsc#1126195).\n\n - Fixed an issue which could allow a malicious or buggy\n x86 PV guest kernels can mount a Denial of Service\n attack affecting the whole system (bsc#1126196).\n\nOther issues addressed :\n\n - Upstream bug fixes (bsc#1027519)\n\n - Fixed an issue where live migrations were failing when\n spectre was enabled on xen boot cmdline (bsc#1116380).\n\n - Fixed an issue where setup of grant_tables and other\n variables may fail (bsc#1126325).\n\n - Fixed a building issue (bsc#1119161).\n\n - Fixed an issue where xpti=no-dom0 was not working as\n expected (bsc#1105528).\n\n - Packages should no longer use /var/adm/fillup-templates\n (bsc#1069468). \n\n - Added Xen cmdline option 'suse_vtsc_tolerance' to avoid\n TSC emulation for HVM domUs (bsc#1026236).\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1026236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1069468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117756\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129623\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-debugsource-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-devel-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-debuginfo-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-debuginfo-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-tools-4.9.4_02-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.9.4_02-37.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen-debugsource / xen-devel / xen-libs-32bit / xen-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:17:15", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin (bsc#1114423).\n\n - CVE-2018-18883: Fixed a NULL pointer dereference that could have been triggered by nested VT-x that where not properly restricted (XSA-278)(bsc#1114405).\n\n - CVE-2018-19965: Fixed denial of service issue from attempting to use INVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\nNon-security issues fixed :\n\n - Added upstream bug fixes (bsc#1027519).\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update project.", "cvss3": {}, "published": "2018-12-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-2018-1530)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18849", "CVE-2018-18883", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1530.NASL", "href": "https://www.tenable.com/plugins/nessus/119642", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1530.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119642);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-18849\", \"CVE-2018-18883\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-2018-1530)\");\n script_summary(english:\"Check for the openSUSE-2018-1530 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-18849: Fixed an out of bounds memory access\n issue was found in the LSI53C895A SCSI Host Bus Adapter\n emulation while writing a message in lsi_do_msgin\n (bsc#1114423).\n\n - CVE-2018-18883: Fixed a NULL pointer dereference that\n could have been triggered by nested VT-x that where not\n properly restricted (XSA-278)(bsc#1114405).\n\n - CVE-2018-19965: Fixed denial of service issue from\n attempting to use INVPCID with a non-canonical addresses\n (XSA-279)(bsc#1115045).\n\n - CVE-2018-19966: Fixed issue introduced by XSA-240 that\n could have caused conflicts with shadow paging\n (XSA-280)(bsc#1115047).\n\n - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB\n flushing / improper large page mappings with AMD IOMMUs\n (XSA-275)(bsc#1115040).\n\nNon-security issues fixed :\n\n - Added upstream bug fixes (bsc#1027519).\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115047\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-debugsource-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-devel-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-doc-html-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-debuginfo-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-debuginfo-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-4.9.3_03-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-debuginfo-4.9.3_03-34.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-debugsource / xen-devel / xen-doc-html / xen-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:50", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin (bsc#1114423).\n\nCVE-2018-18883: Fixed a NULL pointer dereference that could have been triggered by nested VT-x that where not properly restricted (XSA-278)(bsc#1114405).\n\nCVE-2018-19965: Fixed denial of service issue from attempting to use INVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\nCVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047).\n\nCVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\nNon-security issues fixed: Added upstream bug fixes (bsc#1027519).\n\nFixed XEN SLE12-SP1 domU hang on SLE12-SP3 HV (bsc#1108940).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-12-13T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:4070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18849", "CVE-2018-18883", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966"], "modified": "2020-04-28T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domu", "p-cpe:/a:novell:suse_linux:xen-tools-domu-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-4070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119648", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4070-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119648);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/28\");\n\n script_cve_id(\"CVE-2018-18849\", \"CVE-2018-18883\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:4070-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-18849: Fixed an out of bounds memory access issue was found\nin the LSI53C895A SCSI Host Bus Adapter emulation while writing a\nmessage in lsi_do_msgin (bsc#1114423).\n\nCVE-2018-18883: Fixed a NULL pointer dereference that could have been\ntriggered by nested VT-x that where not properly restricted\n(XSA-278)(bsc#1114405).\n\nCVE-2018-19965: Fixed denial of service issue from attempting to use\nINVPCID with a non-canonical addresses (XSA-279)(bsc#1115045).\n\nCVE-2018-19966: Fixed issue introduced by XSA-240 that could have\ncaused conflicts with shadow paging (XSA-280)(bsc#1115047).\n\nCVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing /\nimproper large page mappings with AMD IOMMUs (XSA-275)(bsc#1115040).\n\nNon-security issues fixed: Added upstream bug fixes (bsc#1027519).\n\nFixed XEN SLE12-SP1 domU hang on SLE12-SP3 HV (bsc#1108940).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18849/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18883/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19961/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19962/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19966/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184070-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14d54f65\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2896=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2896=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2896=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-debugsource-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-debugsource-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.9.3_03-3.47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.9.3_03-3.47.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:25", "description": "This update for xen fixes the following issues :\n\nSecurity vulnerabilities fixed :\n\nCVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service (DoS) affecting the entire host, or may be able to access data it is not supposed to access. (XSA-275) (bsc#1115040)\n\nCVE-2018-19965: Fixed an issue related to the INVPCID instruction in case non-canonical addresses are accessed, which may allow a guest to cause Xen to crash, resulting in a Denial of Service (DoS) affecting the entire host. (XSA-279) (bsc#1115045)\n\nCVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which conflicted with shadow paging and allowed a guest to cause Xen to crash, resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)\n\nCVE-2018-19665: Fixed an integer overflow resulting in memory corruption in various Bluetooth functions, allowing this to crash qemu process resulting in Denial of Service (DoS). (bsc#1117756).\n\nCVE-2018-18849: Fixed an out of bounds memory access in the LSI53C895A SCSI host bus adapter emulation, which allowed a user and/or process to crash the qemu process resulting in a Denial of Service (DoS).\n(bsc#1114423)\n\nOther bugs fixed: Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)\n\nFixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)\n\nFixed an issue with live migrations, which used to fail when spectre is enabled on xen boot cmdline (bsc#1116380)\n\nUpstream bug fixes (bsc#1027519)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-07T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2019:0020-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18849", "CVE-2018-19665", "CVE-2018-19961", "CVE-2018-19962", "CVE-2018-19965", "CVE-2018-19966"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domu", "p-cpe:/a:novell:suse_linux:xen-tools-domu-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0020-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120987", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0020-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120987);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-18849\", \"CVE-2018-19665\", \"CVE-2018-19961\", \"CVE-2018-19962\", \"CVE-2018-19965\", \"CVE-2018-19966\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2019:0020-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for xen fixes the following issues :\n\nSecurity vulnerabilities fixed :\n\nCVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient\nTLB flushing with AMD IOMMUs, which potentially allowed a guest to\nescalate its privileges, may cause a Denial of Service (DoS) affecting\nthe entire host, or may be able to access data it is not supposed to\naccess. (XSA-275) (bsc#1115040)\n\nCVE-2018-19965: Fixed an issue related to the INVPCID instruction in\ncase non-canonical addresses are accessed, which may allow a guest to\ncause Xen to crash, resulting in a Denial of Service (DoS) affecting\nthe entire host. (XSA-279) (bsc#1115045)\n\nCVE-2018-19966: Fixed an issue related to a previous fix for XSA-240,\nwhich conflicted with shadow paging and allowed a guest to cause Xen\nto crash, resulting in a Denial of Service (DoS). (XSA-280)\n(bsc#1115047)\n\nCVE-2018-19665: Fixed an integer overflow resulting in memory\ncorruption in various Bluetooth functions, allowing this to crash qemu\nprocess resulting in Denial of Service (DoS). (bsc#1117756).\n\nCVE-2018-18849: Fixed an out of bounds memory access in the LSI53C895A\nSCSI host bus adapter emulation, which allowed a user and/or process\nto crash the qemu process resulting in a Denial of Service (DoS).\n(bsc#1114423)\n\nOther bugs fixed: Fixed an issue related to a domU hang on SLE12-SP3\nHV (bsc#1108940)\n\nFixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)\n\nFixed an issue with live migrations, which used to fail when spectre\nis enabled on xen boot cmdline (bsc#1116380)\n\nUpstream bug fixes (bsc#1027519)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117756\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18849/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19665/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19961/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19962/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19966/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190020-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54faf792\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-20=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-20=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-20=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-20=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-20=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-debugsource-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.7.6_05-43.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.7.6_05-43.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:06", "description": "Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing.\nAn attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : openssl, openssl1.0 vulnerabilities (USN-3840-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "p-cpe:/a:canonical:ubuntu_linux:libssl1.1", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3840-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119497", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3840-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119497);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n script_xref(name:\"USN\", value:\"3840-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : openssl, openssl1.0 vulnerabilities (USN-3840-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing.\nAn attacker could possibly use this issue to perform a timing\nside-channel attack and recover private DSA keys. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA\nsigning. An attacker could possibly use this issue to perform a timing\nside-channel attack and recover private ECDSA keys. This issue only\naffected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola\nTuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous\nMultithreading (SMT) architectures are vulnerable to side-channel\nleakage. This issue is known as 'PortSmash'. An attacker could\npossibly use this issue to perform a timing side-channel attack and\nrecover private keys. (CVE-2018-5407).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3840-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libssl1.0.0 and / or libssl1.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu2.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2g-1ubuntu4.14\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2n-1ubuntu5.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libssl1.1\", pkgver:\"1.1.0g-2ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2n-1ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libssl1.1\", pkgver:\"1.1.1-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl1.0.0 / libssl1.1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:47", "description": "An update of the openssl package has been released.", "cvss3": {}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Openssl PHSA-2018-1.0-0199", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0199_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/121899", "sourceData": "#\n# (C) Tenable Network Security, Inc.`\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0199. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121899);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:17\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n\n script_name(english:\"Photon OS 1.0: Openssl PHSA-2018-1.0-0199\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-199.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0735\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:56", "description": "The version of Oracle Tuxedo installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities:\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack. An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)", "cvss3": {}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Tuxedo Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:tuxedo"], "id": "ORACLE_TUXEDO_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124171", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124171);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n script_bugtraq_id(105750, 105758, 105897);\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n\n script_name(english:\"Oracle Tuxedo Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Tuxedo installed on the remote host is missing\na security patch. It is, therefore, affected by multiple\nvulnerabilities:\n \n - An information disclosure vulnerability exists in OpenSSL \n due to the potential for a side-channel timing attack. \n An unauthenticated attacker can exploit this to disclose \n potentially sensitive information. \n (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:tuxedo\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_tuxedo_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Tuxedo\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('oracle_rdbms_cpu_func.inc');\ninclude('misc_func.inc');\ninclude('install_func.inc');\n\napp_name = 'Oracle Tuxedo';\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nrp = install['RP'];\npath = install['path'];\nrp_fix = 99;\n\nif (version !~ \"^12\\.1\\.1\\.0($|\\.|_)\") \n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + ' RP ' + rp, path);\n\nif (rp == UNKNOWN_VER || rp < rp_fix)\n{\n items = make_array('Path', path,\n 'Version', version,\n 'RP', rp,\n 'Required RP', rp_fix\n );\n order = make_list('Path', 'Version', 'RP', 'Required RP');\n report = report_items_str(report_items:items, ordered_fields:order);\n security_report_v4(port:0, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + ' RP ' + rp, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T14:45:51", "description": "According to its banner, the version of OpenSSL running on the remote host is 1.1.0 prior to 1.1.0i. It is, therefore, affected by a denial of service vulnerability, a cache timing side channel vulnerability, and a microarchitecture timing side channel attack.", "cvss3": {}, "published": "2018-08-27T00:00:00", "type": "nessus", "title": "OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2023-08-08T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_1_0I.NASL", "href": "https://www.tenable.com/plugins/nessus/112120", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112120);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/08\");\n\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_bugtraq_id(103766, 104442);\n\n script_name(english:\"OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A service running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of OpenSSL running on the remote\nhost is 1.1.0 prior to 1.1.0i. It is, therefore, affected by a denial\nof service vulnerability, a cache timing side channel vulnerability,\nand a microarchitecture timing side channel attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20180612.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20180416.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20181112.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the vendor patch or upgrade to OpenSSL version 1.1.0i or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\", \"openssl_nix_installed.nbin\", \"openssl_win_installed.nbin\");\n script_require_keys(\"installed_sw/OpenSSL\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras_openssl.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'OpenSSL');\n\nvcf::check_all_backporting(app_info:app_info);\n\nvar constraints = [{ 'min_version' : \"1.1.0\", 'fixed_version' : '1.1.0i'}];\n\nvcf::openssl::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:12:29", "description": "The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_4.NASL", "href": "https://www.tenable.com/plugins/nessus/118207", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118207);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-12086\",\n \"CVE-2018-18225\",\n \"CVE-2018-18226\",\n \"CVE-2018-18227\"\n );\n script_bugtraq_id(105538, 105583);\n\n script_name(english:\"Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.6.x prior to 2.6.4. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-50.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18226\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.6.0\", \"fixed_version\" : \"2.6.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:10", "description": "According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability allowing a guest system to potentially elevate privileges, access protected information, and perform a DoS against the host. Only AMD systems with IOMMU enabled are affected.\n\nNote that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches were applied manually to the source code before a recompile and reinstall.", "cvss3": {}, "published": "2018-12-13T00:00:00", "type": "nessus", "title": "Xen Project Insufficient TLB Flushing Vulnerability (XSA-275)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19961", "CVE-2018-19962"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/o:xen:xen"], "id": "XEN_SERVER_XSA-275.NASL", "href": "https://www.tenable.com/plugins/nessus/119656", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119656);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2018-19961\", \"CVE-2018-19962\");\n script_bugtraq_id(106182);\n script_xref(name:\"IAVB\", value:\"2018-B-0149-S\");\n\n script_name(english:\"Xen Project Insufficient TLB Flushing Vulnerability (XSA-275)\");\n script_summary(english:\"Checks 'xl info' output for the Xen hypervisor version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Xen hypervisor installation is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Xen hypervisor\ninstalled on the remote host is affected by a vulnerability allowing\na guest system to potentially elevate privileges, access protected\ninformation, and perform a DoS against the host. Only AMD systems with\nIOMMU enabled are affected.\n\nNote that Nessus has checked the changeset versions based on the\nxen.git change log. Nessus did not check guest hardware configurations\nor if patches were applied manually to the source code before a\nrecompile and reinstall.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://xenbits.xen.org/xsa/advisory-275.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://xenbits.xen.org/gitweb/?p=xen.git;a=summary\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/13\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:xen:xen\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"xen_server_detect.nbin\");\n script_require_keys(\"installed_sw/Xen Hypervisor\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"Xen Hypervisor\";\ninstall = get_single_install(app_name:app_name);\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nversion = install['version'];\ndisplay_version = install['display_version'];\npath = install['path'];\nmanaged_status = install['Managed status'];\nchangeset = install['Changeset'];\n\nif (!empty_or_null(changeset))\n display_version += \" (changeset \" + changeset + \")\";\n\n# Installations that are vendor-managed are handled by OS-specific local package checks\nif (managed_status == \"managed\")\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, display_version, path);\n\nfixes['4.7']['fixed_ver'] = '4.7.6';\nfixes['4.7']['fixed_ver_display'] = '4.7.6 (changeset 2b3463f)';\nfixes['4.7']['affected_ver_regex'] = '^4\\\\.7\\\\.';\nfixes['4.7']['affected_changesets'] = make_list(\"efe21ad\", \"9c82759\",\n \"3d3e474\", \"4e69e43\", \"3d33cc6\", \"3f7b4ec\", \"7ba1c7d\", \"87d5aa4\",\n \"9b8375a\", \"da93914\", \"0aa4696\", \"f05a33e\", \"f440b31\", \"1a90803\",\n \"0abc1ae\", \"1fdb25a\", \"c9641d4\", \"61c4360\", \"df66c1c\", \"59732fd\",\n \"3f7fd2b\", \"bcbd8b9\", \"dfee811\", \"95ff4e1\", \"ded2a37\", \"87dba80\",\n \"fe028e6\", \"a51e6a3\", \"0e66281\", \"51d9780\", \"91ca84c\", \"bce2dd6\",\n \"fa807e2\", \"97aff08\", \"e90e243\", \"c0e854b\", \"9858a1f\", \"a404136\",\n \"dc111e9\", \"0873699\", \"280a556\");\n\nfixes['4.8']['fixed_ver'] = '4.8.5';\nfixes['4.8']['fixed_ver_display'] = '4.8.5-pre (changeset 14854d0)';\nfixes['4.8']['affected_ver_regex'] = '^4\\\\.8\\\\.';\nfixes['4.8']['affected_changesets'] = make_list(\"f030ad0\", \"d6798ce\",\n \"d792e57\", \"ba4eb85\", \"88b5e36\", \"64fd42f\", \"86cba9b\", \"49f74ea\",\n \"5b6fb33\", \"8d1afd1\", \"0dbe6ac\", \"38a7dde\", \"bd89569\", \"dee5937\",\n \"5670039\", \"53dfcb0\", \"d4f07fb\", \"005df91\", \"8bfab2b\", \"dc814e1\",\n \"5e86977\", \"d1a5936\", \"c9fc6b3\", \"21ac6c8\", \"e52ec4b\", \"d95b5bb\",\n \"565de91\", \"1c6c2de\", \"1f56fba\", \"5464d5f\", \"9e7d5e2\", \"7849d13\",\n \"e819108\", \"fe78829\", \"28fc483\", \"712082d\", \"ed6fcdb\", \"0406164\",\n \"e3d0ce3\", \"c00fabc\", \"3478439\", \"b81b74a\", \"b289403\", \"47fbc6e\",\n \"ee7bcea\", \"df5bbf7\", \"d96893f\", \"15508b3\", \"790ed15\", \"d838957\",\n \"aa45015\", \"b149b06\", \"c117d09\", \"e343ee8\", \"5566272\", \"f049cd6\",\n \"6dc0bc5\", \"37a1b4a\", \"f6a31ed\", \"08eda97\", \"96bf2db\", \"23975f5\",\n \"f3b0cdb\", \"f5ef10d\", \"de172b0\", \"3686d09\", \"4aec0c7\");\n\nfixes['4.9']['fixed_ver'] = '4.9.4';\nfixes['4.9']['fixed_ver_display'] = '4.9.4-pre (changeset 15b4ee9)';\nfixes['4.9']['affected_ver_regex'] = '^4\\\\.9\\\\.';\nfixes['4.9']['affected_changesets'] = make_list(\"f97a1d1\", \"f13983d\",\n \"8d6f213\", \"c4a3f16\", \"1bd7c17\", \"1ebb803\", \"042887f\", \"e61a7cb\",\n \"f668bb4\", \"d635520\", \"b791d9b\", \"273cc99\", \"ee2e8a0\", \"f294d80\",\n \"782ca9b\", \"b7dae43\", \"62ed524\", \"75c8dbc\", \"56d90f5\", \"6000494\",\n \"870fcbf\", \"9b31834\", \"3eabb91\");\n\nfixes['4.10']['fixed_ver'] = '4.10.3';\nfixes['4.10']['fixed_ver_display'] = '4.10.3-pre (changeset d5d8074)';\nfixes['4.10']['affected_ver_regex'] = '^4\\\\.10\\\\.';\nfixes['4.10']['affected_changesets'] = make_list(\"421aada\", \"e907460\",\n \"ba6ac89\", \"4c7cd94\", \"c841c82\", \"5b15c04\", \"6e3650d\", \"4d5a0f2\",\n \"b0f1b24\", \"aa05c39\", \"c504397\", \"1639352\", \"b79ac27\", \"5822be6\",\n \"225fbd2\", \"73788eb\", \"ed024ef\", \"9f8eff3\", \"788948b\", \"61dc015\",\n \"d86c9ae\", \"4519790\", \"5483835\", \"518726d\", \"d091a49\", \"923af25\",\n \"5ba0bb0\", \"173c338\");\n\nfixes['4.11']['fixed_ver'] = '4.11.1';\nfixes['4.11']['fixed_ver_display'] = '4.11.1-pre (changeset 946f345)';\nfixes['4.11']['affected_ver_regex'] = '^4\\\\.11\\\\.';\nfixes['4.11']['affected_changesets'] = make_list(\"086a9dd\", \"dea9fc0\",\n \"ff9f873\", \"0f0ad14\", \"8ad462a\", \"d67b849\", \"8f3f58c\", \"06a50b0\",\n \"fe10c22\", \"e243639\", \"f0b4b69\", \"d34471f\", \"26feeb5\", \"221acbf\",\n \"8bed728\", \"18b5947\", \"94fba9f\", \"33664f9\", \"a2e35a7\", \"451f9c8\",\n \"d7cbb4b\", \"bb6d070\", \"b1a47ef\", \"5b1592d\", \"0719a5f\", \"03fd745\",\n \"d1caf6e\", \"a07f444\", \"74fee1b\", \"2004a91\", \"8c8b3cb\", \"5acdd26\",\n \"733450b\", \"d757c29\", \"6c7d074\", \"2a47c75\", \"007752f\", \"fb78137\",\n \"665e768\", \"f4a049e\", \"02d2c66\", \"57483c0\", \"d044f6c\", \"e6441a8\",\n \"48fb482\", \"fa79f9e\", \"1d32c21\", \"7b420e8\", \"8b35b97\", \"cfdd4e8\",\n \"218d403\", \"b52017c\", \"52b8f9a\", \"935e9c4\", \"61cc876\", \"4254e98\",\n \"6fe9726\", \"33ced72\", \"7de2155\", \"06d2a76\", \"543027c\", \"037fe82\",\n \"353edf1\", \"75313e4\", \"5908b48\", \"bd51a64\", \"0a2016c\", \"b53e0de\",\n \"a44cf0c\", \"ac35e05\", \"10c5482\", \"4bdeedb\", \"da33530\", \"e932371\", \"1fd87ba\");\n\nfix = NULL;\nforeach ver_branch (keys(fixes))\n{\n if (version =~ fixes[ver_branch]['affected_ver_regex'])\n {\n ret = ver_compare(ver:version, fix:fixes[ver_branch]['fixed_ver']);\n if (ret < 0)\n fix = fixes[ver_branch]['fixed_ver_display'];\n else if (ret == 0)\n {\n if (empty_or_null(changeset))\n fix = fixes[ver_branch]['fixed_ver_display'];\n else\n foreach affected_changeset (fixes[ver_branch]['affected_changesets'])\n if (changeset == affected_changeset)\n fix = fixes[ver_branch]['fixed_ver_display'];\n }\n }\n}\n\nif (empty_or_null(fix))\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, display_version, path);\n\nitems = make_array(\n \"Installed version\", display_version,\n \"Fixed version\", fix,\n \"Path\", path\n);\n\norder = make_list(\"Path\", \"Installed version\", \"Fixed version\");\nreport = report_items_str(report_items:items, ordered_fields:order) + '\\n';\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:24", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)\n\n - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498)\n\n - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)\n\n - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)\n\n - Fixed installation issue with /etc/machine-id during update (bsc#1117063)\n\n - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)\n\n - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\n - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696) This update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : systemd (openSUSE-2019-98)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-6954"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsystemd0", "p-cpe:/a:novell:opensuse:libsystemd0-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-mini", "p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev-devel", "p-cpe:/a:novell:opensuse:libudev-devel-32bit", "p-cpe:/a:novell:opensuse:libudev-mini-devel", "p-cpe:/a:novell:opensuse:libudev-mini1", "p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1", "p-cpe:/a:novell:opensuse:libudev1-32bit", "p-cpe:/a:novell:opensuse:libudev1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo", "p-cpe:/a:novell:opensuse:nss-mymachines", "p-cpe:/a:novell:opensuse:nss-mymachines-32bit", "p-cpe:/a:novell:opensuse:nss-mymachines-32bit-debuginfo", "p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo", "p-cpe:/a:novell:opensuse:nss-systemd", "p-cpe:/a:novell:opensuse:nss-systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd", "p-cpe:/a:novell:opensuse:systemd-32bit", "p-cpe:/a:novell:opensuse:systemd-32bit-debuginfo", "p-cpe:/a:novell:opensuse:systemd-bash-completion", "p-cpe:/a:novell:opensuse:systemd-container", "p-cpe:/a:novell:opensuse:systemd-container-debuginfo", "p-cpe:/a:novell:opensuse:systemd-coredump", "p-cpe:/a:novell:opensuse:systemd-coredump-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debugsource", "p-cpe:/a:novell:opensuse:systemd-devel", "p-cpe:/a:novell:opensuse:systemd-logger", "p-cpe:/a:novell:opensuse:systemd-mini", "p-cpe:/a:novell:opensuse:systemd-mini-bash-completion", "p-cpe:/a:novell:opensuse:systemd-mini-container-mini", "p-cpe:/a:novell:opensuse:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini", "p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-devel", "p-cpe:/a:novell:opensuse:systemd-mini-sysvinit", "p-cpe:/a:novell:opensuse:systemd-sysvinit", "p-cpe:/a:novell:opensuse:udev", "p-cpe:/a:novell:opensuse:udev-debuginfo", "p-cpe:/a:novell:opensuse:udev-mini", "p-cpe:/a:novell:opensuse:udev-mini-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-98.NASL", "href": "https://www.tenable.com/plugins/nessus/121464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-98.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121464);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2018-6954\");\n\n script_name(english:\"openSUSE Security Update : systemd (openSUSE-2019-98)\");\n script_summary(english:\"Check for the openSUSE-2019-98 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory\n corruptions through attacker-controlled alloca()s\n (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald\n (bsc#1120323)\n\n - CVE-2018-6954: Fix mishandling of symlinks present in\n non-terminal path components (bsc#1080919)\n\n - Fixed an issue during system startup in relation to\n encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - pam_systemd: Fix 'Cannot create session: Already running\n in a session' (bsc#1111498)\n\n - systemd-vconsole-setup: vconsole setup fails, fonts will\n not be copied to tty (bsc#1114933)\n\n - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp\n breaking multiple units (bsc#1045723)\n\n - Fixed installation issue with /etc/machine-id during\n update (bsc#1117063)\n\n - btrfs: qgroups are assigned to parent qgroups after\n reboot (bsc#1093753)\n\n - logind: Stop managing VT switches if no sessions are\n registered on that VT. (bsc#1101591)\n\n - udev: Downgrade message when settting inotify watch up\n fails. (bsc#1005023)\n\n - udev: Ignore the exit code of systemd-detect-virt for\n memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules\n has a memory hot-add rule that uses systemd-detect-virt\n to detect non-zvm environment. The systemd-detect-virt\n returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory\n block can not be set to online. (bsc#1076696) This\n update was imported from the SUSE:SLE-15:Update update\n project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1080919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini1-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini1-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev1-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev1-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-myhostname-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-myhostname-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-mymachines-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-mymachines-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-systemd-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-systemd-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-bash-completion-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-container-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-container-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-coredump-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-coredump-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-debugsource-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-logger-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-bash-completion-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-container-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-container-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-coredump-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-debugsource-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-sysvinit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-sysvinit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev-devel-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsystemd0-mini / libsystemd0-mini-debuginfo / libudev-mini-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:21:17", "description": "The remote host is affected by the vulnerability described in GLSA-201903-07 (systemd: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details.\n Impact :\n\n An attacker could cause a Denial of Service condition or possibly execute arbitrary code.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "GLSA-201903-07 : systemd: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2019-6454"], "modified": "2020-02-05T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:systemd", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201903-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122735", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-07.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122735);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2019-6454\");\n script_xref(name:\"GLSA\", value:\"201903-07\");\n\n script_name(english:\"GLSA-201903-07 : systemd: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-07\n(systemd: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in systemd. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An attacker could cause a Denial of Service condition or possibly\n execute arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All systemd users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/systemd-239-r4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16865\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-apps/systemd\", unaffected:make_list(\"ge 239-r4\"), vulnerable:make_list(\"lt 239-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:53", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nCVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)\n\nFixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed: pam_systemd: Fix 'Cannot create session:\nAlready running in a session' (bsc#1111498)\n\nsystemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)\n\nsystemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)\n\nFixed installation issue with /etc/machine-id during update (bsc#1117063)\n\nbtrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)\n\nlogind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0137-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-6954"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-mini", "p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:suse_linux:libudev-devel", "p-cpe:/a:novell:suse_linux:libudev-mini-devel", "p-cpe:/a:novell:suse_linux:libudev-mini1", "p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:nss-myhostname", "p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo", "p-cpe:/a:novell:suse_linux:nss-mymachines", "p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo", "p-cpe:/a:novell:suse_linux:nss-systemd", "p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-container", "p-cpe:/a:novell:suse_linux:systemd-container-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-coredump", "p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-devel", "p-cpe:/a:novell:suse_linux:systemd-logger", "p-cpe:/a:novell:suse_linux:systemd-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debugsource", "p-cpe:/a:novell:suse_linux:systemd-mini-devel", "p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:udev-mini", "p-cpe:/a:novell:suse_linux:udev-mini-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0137-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0137-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121304);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2018-6954\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0137-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\nattacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nCVE-2018-6954: Fix mishandling of symlinks present in non-terminal\npath components (bsc#1080919)\n\nFixed an issue during system startup in relation to encrypted swap\ndisks (bsc#1119971)\n\nNon-security issues fixed: pam_systemd: Fix 'Cannot create session:\nAlready running in a session' (bsc#1111498)\n\nsystemd-vconsole-setup: vconsole setup fails, fonts will not be copied\nto tty (bsc#1114933)\n\nsystemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple\nunits (bsc#1045723)\n\nFixed installation issue with /etc/machine-id during update\n(bsc#1117063)\n\nbtrfs: qgroups are assigned to parent qgroups after reboot\n(bsc#1093753)\n\nlogind: Stop managing VT switches if no sessions are registered on\nthat VT. (bsc#1101591)\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\nuses systemd-detect-virt to detect non-zvm environment. The\nsystemd-detect-virt returns exit failure code when it detected _none_\nstate. The exit failure code causes that the hot-add memory block can\nnot be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1080919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16864/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16865/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16866/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-6954/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190137-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f97bddbc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-137=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-137=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-logger-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-logger-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:03", "description": "This update for openssl fixes the following issues :\n\nCVE-2018-0732: Reject excessively large primes in DH key generation (bsc#1097158)\n\nCVE-2018-0734: Timing vulnerability in DSA signature generation (bsc#1113652)\n\nCVE-2018-0737: Cache timing vulnerability in RSA Key Generation (bsc#1089039)\n\nCVE-2018-5407: Elliptic curve scalar multiplication timing attack defenses (fixes 'PortSmash') (bsc#1113534)\n\nCVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)\n\nFix One&Done side-channel attack on RSA (bsc#1104789)\n\nReject invalid EC point coordinates (bsc#1131291)\n\nThe 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations (bsc#1117951)\n\nAdd missing error string to CVE-2016-8610 fix (bsc#1110018#c9)\n\nblinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)\n\nNon security fixes: correct the error detection in the fips patch (bsc#1106197)\n\nAdd openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-06-19T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1553-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8610", "CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2018-5407&quo