## Summary
Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance.
## Vulnerability Details
**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)
**DESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)**
DESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password.
CVSS Base Score: 4
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>)
**DESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>)
**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 8.8
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>)
**DESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 8.8
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
## Affected Products and Versions
IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance
## Remediation/Fixes
If you are running IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance, contact [_IBM support_](<https://www-947.ibm.com/support/servicerequest/newServiceRequest.action>).
##
{"id": "AD4937D18C8A9E735B7C1F011C45A2FCB0DC33D764CF91595734E6C29B01C5E0", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)", "description": "## Summary\n\nMultiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>) \n**DESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)** \nDESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>) \n**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance\n\n## Remediation/Fixes\n\nIf you are running IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance, contact [_IBM support_](<https://www-947.ibm.com/support/servicerequest/newServiceRequest.action>).\n\n## ", "published": "2018-06-17T22:32:50", "modified": "2018-06-17T22:32:50", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 7.8, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/619225", "reporter": "IBM", "references": [], "cvelist": ["CVE-2015-1819", "CVE-2015-5600", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "immutableFields": [], "lastseen": "2023-02-21T21:56:14", "viewCount": 33, "enchantments": {"score": {"value": 2.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-608", "ALAS-2015-625", "ALAS-2015-628", "ALAS2-2019-1220"]}, {"type": "apple", "idList": ["APPLE:30DAD52FE6873B43EFC82661563B56D6", "APPLE:73A5DE43E262286D306BB143FE6D4F15", "APPLE:781D931DB9B2E3B8255557FD7BF0D6F8", "APPLE:87561C7576B031D8E8098D98D5BACF41", "APPLE:HT206166", "APPLE:HT206167", "APPLE:HT206168", "APPLE:HT206169"]}, {"type": "archlinux", "idList": ["ASA-201507-17", "ASA-201511-2", "ASA-201511-3", "ASA-201511-4", "ASA-201512-6"]}, {"type": "centos", "idList": ["CESA-2015:1419", "CESA-2015:1980", "CESA-2015:1981", "CESA-2015:2088", "CESA-2015:2550", "CESA-2016:0466"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-1194"]}, {"type": "chrome", "idList": ["GCSA-6202249537217802204"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:28883491CAD3C04ED61F2AE814DD1633"]}, {"type": "cve", "idList": ["CVE-2015-1819", "CVE-2015-5600", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1500-1:E6BD7", "DEBIAN:DLA-266-1:8DFA3", "DEBIAN:DLA-266-1:D0AB4", "DEBIAN:DLA-288-1:31147", "DEBIAN:DLA-288-1:36C61", "DEBIAN:DLA-288-2:68C70", "DEBIAN:DLA-288-2:B65D2", "DEBIAN:DLA-344-1:06D89", "DEBIAN:DLA-354-1:44D8A", "DEBIAN:DLA-480-1:4EC2A", "DEBIAN:DSA-3393-1:1B40E", "DEBIAN:DSA-3406-1:46642", "DEBIAN:DSA-3410-1:624AB", "DEBIAN:DSA-3430-1:21018", "DEBIAN:DSA-3430-1:A974A", "DEBIAN:DSA-3688-1:3F736"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1819", "DEBIANCVE:CVE-2015-5600", "DEBIANCVE:CVE-2015-7181", "DEBIANCVE:CVE-2015-7182", "DEBIANCVE:CVE-2015-7183"]}, {"type": "f5", "idList": ["F5:K17113", "F5:K31372672", "SOL17113", "SOL31372672"]}, {"type": "fedora", "idList": ["FEDORA:146EF61A1014", "FEDORA:27BE8609204C", "FEDORA:2E88760877A1", "FEDORA:454A0601DA33", "FEDORA:4959A6092042", "FEDORA:5CE3E6118DC1", "FEDORA:7B66961B84A2"]}, {"type": "freebsd", "idList": ["5B74A5BC-348F-11E5-BA05-C80AA9043978", "9C7177FF-1FE1-11E5-9A01-BCAEC565249C", "9D04936C-75F1-4A2C-9ADE-4C1708BE5DF9"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-15:16.OPENSSH"]}, {"type": "gentoo", "idList": ["GLSA-201507-08", "GLSA-201512-04", "GLSA-201512-10", "GLSA-201605-06", "GLSA-201701-37"]}, {"type": "github", "idList": ["GHSA-Q7WX-62R7-J2X7"]}, {"type": "ibm", "idList": ["0077581D1D7A23A629EFE54E1E57A0DC515E246397915856CEBC23F7659EACBB", "0840225027FABDA459826FFEB2567F962694C590B4289850C4F762651A17B943", "0DCD9ACCB7D7E63C07AF13F2863C1CF1814C736C4EC36EFBC550DE8540180B4C", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "272A70EAB7832A1CA1419E5AF531A4920BA199872E0D365408A139F34D31075E", "2EFA761D58F0D7141C702194752C3FC6082E24B56AF4D50FDDDCE3EADBD675E9", "3B19E0871CEE70A970574559FDC5AE00438D2E528DE6C532C9CB9113C291D887", "4EB6375AC60D18EF5D589BC88A70CB0698048440611BD71DE666FEA37A17ED94", "52BACDC88952FDDA0E2AD245BFF0C77AD954ADED8187759D72D88112EE7DF7F4", "6082EF9EEC65FC8C759FD4BD5D61B617F34A710731C703A12F4C0E537B571626", "690C2F6BB9DF8108C4313BCCC3CCCF4E022A569CF9AD4E03977A2BBC5B434347", "6AF96EB050013ED48F68D92BD7F0D2CD31479E1E62B5EF9DE3391683EC76A4BD", "7560D437DD0C0AD308430AD43B3F94576F228230126D44A08B79DFF991CA82E0", "76E57CEF5B52280F24F03546152B520C29370EE8F65604719A437DFC5B9D68FF", "89257A9062FB5478B817FD1D0B21510D31D1A39427F3EFCD4545A41253582842", "94ADF9C910A362467000D0DD8590BD5C24E2AED265E1E3B9AB7A109A4D0AF94F", "9FD738448ACD93F4450A43269B40F6F0A44AE4531A251D9858867B18DD433AE4", "BBAF4A8874B4E6550EACD53B3B3956D87F91956BE43B6AC0570EF1AE5320225C", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D4D9239D39380DAAAF0663AA50B7560152F0E3980E2EE27DD40046B16E4D33B3", "D911317A5AB78973EC0BCDD274D56A8146D89345FD34F13DAEEC08B6503FEAE0", "DA397208480BF22F3663AEF7351712B08712E0F7382D4509AEEE6D701337BB9C", "DAE66C3F24DC9C9F32A4918C846A8F515A6E526CE6B4F5F2BBF09EFE18B62398", "ECAE9C428E6921780DCBD019FD8DB249F90FAE52B7CDFC11A8FDE3AB81842108", "EDF4B5A27866764F46339E29215E0B00F97C916965ECE1597B9CD93AA0C2F432", "F5F7933E4670518D029E646B3B5F66B6C322058A1D1D30AD54B208AD8D95B0DE", "F896F68C7FFACDDB09C9DBD62E569EE7D8DBD1674F16A5042E8227ACAC04BC8A", "FC6C4426C76B592E968FD3C9EA26406E90FB3C95C30F68EC9CCD547D24485997"]}, {"type": "kaspersky", "idList": ["KLA10689", "KLA10744"]}, {"type": "mageia", "idList": ["MGASA-2015-0295", "MGASA-2015-0358", "MGASA-2015-0427"]}, {"type": "mozilla", "idList": ["MFSA2015-133"]}, {"type": "nessus", "idList": ["8981.PRM", "9018.PRM", "9151.PRM", "9309.PRM", "9327.PRM", "9331.PRM", "9336.PRM", "AL2_ALAS-2019-1220.NASL", "ALA_ALAS-2015-608.NASL", "ALA_ALAS-2015-625.NASL", "ALA_ALAS-2015-628.NASL", "APPLETV_9_2.NASL", "APPLE_IOS_93_CHECK.NBIN", "CENTOS_RHSA-2015-1419.NASL", "CENTOS_RHSA-2015-1980.NASL", "CENTOS_RHSA-2015-1981.NASL", "CENTOS_RHSA-2015-2088.NASL", "CENTOS_RHSA-2015-2550.NASL", "CENTOS_RHSA-2016-0466.NASL", "DEBIAN_DLA-266.NASL", "DEBIAN_DLA-288.NASL", "DEBIAN_DLA-344.NASL", "DEBIAN_DLA-354.NASL", "DEBIAN_DLA-480.NASL", "DEBIAN_DSA-3393.NASL", "DEBIAN_DSA-3406.NASL", "DEBIAN_DSA-3410.NASL", "DEBIAN_DSA-3430.NASL", "DEBIAN_DSA-3688.NASL", "F5_BIGIP_SOL17113.NASL", "F5_BIGIP_SOL31372672.NASL", "FEDORA_2015-037F844D3E.NASL", "FEDORA_2015-11981.NASL", "FEDORA_2015-13469.NASL", "FEDORA_2015-C24AF963A2.NASL", "FREEBSD_PKG_5B74A5BC348F11E5BA05C80AA9043978.NASL", "FREEBSD_PKG_9C7177FF1FE111E59A01BCAEC565249C.NASL", "FREEBSD_PKG_9D04936C75F14A2C9ADE4C1708BE5DF9.NASL", "GENTOO_GLSA-201507-08.NASL", "GENTOO_GLSA-201512-04.NASL", "GENTOO_GLSA-201512-10.NASL", "GENTOO_GLSA-201605-06.NASL", "GENTOO_GLSA-201701-37.NASL", "GLASSFISH_CPU_APR_2016.NASL", "IPLANET_WEB_PROXY_4_0_27.NASL", "MACOSX_10_10_5.NASL", "MACOSX_10_11_4.NASL", "MACOSX_FIREFOX_38_4_ESR.NASL", "MACOSX_FIREFOX_42.NASL", "MACOSX_SECUPD2016-002.NASL", "MACOSX_THUNDERBIRD_38_4.NASL", "MOZILLA_FIREFOX_38_4_ESR.NASL", "MOZILLA_FIREFOX_42.NASL", "MOZILLA_THUNDERBIRD_38_4.NASL", "NEWSTART_CGSL_NS-SA-2019-0146_OPENSSH-LATEST.NASL", "OPENSSH_70.NASL", "OPENSSH_MAXAUTHTRIES_BRUTEFORCE.NASL", "OPENSUSE-2015-718.NASL", "OPENSUSE-2015-877.NASL", "OPENSUSE-2015-885.NASL", "OPENSUSE-2015-959.NASL", "OPENSUSE-2016-32.NASL", "ORACLELINUX_ELSA-2015-1419.NASL", "ORACLELINUX_ELSA-2015-1980.NASL", "ORACLELINUX_ELSA-2015-1981.NASL", "ORACLELINUX_ELSA-2015-2088.NASL", "ORACLELINUX_ELSA-2015-2550.NASL", "ORACLELINUX_ELSA-2016-0466.NASL", "ORACLELINUX_ELSA-2016-3531.NASL", "ORACLEVM_OVMSA-2015-0097.NASL", "ORACLEVM_OVMSA-2015-0145.NASL", "ORACLEVM_OVMSA-2016-0038.NASL", "ORACLEVM_OVMSA-2016-0065.NASL", "ORACLEVM_OVMSA-2016-0066.NASL", "ORACLEVM_OVMSA-2016-0070.NASL", "PFSENSE_SA-15_08.NASL", "REDHAT-RHSA-2015-1419.NASL", "REDHAT-RHSA-2015-1980.NASL", "REDHAT-RHSA-2015-1981.NASL", "REDHAT-RHSA-2015-2068.NASL", "REDHAT-RHSA-2015-2088.NASL", "REDHAT-RHSA-2015-2550.NASL", "REDHAT-RHSA-2016-0466.NASL", "SLACKWARE_SSA_2015-310-02.NASL", "SL_20150722_LIBXML2_ON_SL6_X.NASL", "SL_20151104_NSS_AND_NSPR_ON_SL5_X.NASL", "SL_20151104_NSS__NSS_UTIL__AND_NSPR_ON_SL6_X.NASL", "SL_20151119_OPENSSH_ON_SL7_X.NASL", "SL_20151207_LIBXML2_ON_SL7_X.NASL", "SL_20160321_OPENSSH_ON_SL6_X.NASL", "SUN_JAVA_WEB_SERVER_7_0_23.NASL", "SUSE_SU-2015-1544-1.NASL", "SUSE_SU-2015-1547-1.NASL", "SUSE_SU-2015-1547-2.NASL", "SUSE_SU-2015-1581-1.NASL", "SUSE_SU-2015-1695-1.NASL", "SUSE_SU-2015-1840-1.NASL", "SUSE_SU-2015-1926-1.NASL", "SUSE_SU-2015-1978-1.NASL", "SUSE_SU-2015-1981-1.NASL", "SUSE_SU-2015-2081-1.NASL", "SUSE_SU-2016-0030-1.NASL", "SUSE_SU-2016-0049-1.NASL", "UBUNTU_USN-2710-1.NASL", "UBUNTU_USN-2710-2.NASL", "UBUNTU_USN-2785-1.NASL", "UBUNTU_USN-2790-1.NASL", "UBUNTU_USN-2791-1.NASL", "UBUNTU_USN-2812-1.NASL", "UBUNTU_USN-2819-1.NASL", "VIRTUALBOX_5_0_10.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106046", "OPENVAS:1361412562310120598", "OPENVAS:1361412562310120615", "OPENVAS:1361412562310120618", "OPENVAS:1361412562310121389", "OPENVAS:1361412562310121426", "OPENVAS:1361412562310121432", "OPENVAS:1361412562310122725", "OPENVAS:1361412562310122727", "OPENVAS:1361412562310122744", "OPENVAS:1361412562310122794", "OPENVAS:1361412562310122921", "OPENVAS:1361412562310123052", "OPENVAS:1361412562310130031", "OPENVAS:1361412562310130083", "OPENVAS:1361412562310131115", "OPENVAS:1361412562310703393", "OPENVAS:1361412562310703406", "OPENVAS:1361412562310703410", "OPENVAS:1361412562310703430", "OPENVAS:1361412562310703688", "OPENVAS:1361412562310806052", "OPENVAS:1361412562310806550", "OPENVAS:1361412562310806551", "OPENVAS:1361412562310806552", "OPENVAS:1361412562310806553", "OPENVAS:1361412562310806693", "OPENVAS:1361412562310806695", "OPENVAS:1361412562310806792", "OPENVAS:1361412562310807565", "OPENVAS:1361412562310807635", "OPENVAS:1361412562310807636", "OPENVAS:1361412562310842409", "OPENVAS:1361412562310842418", "OPENVAS:1361412562310842511", "OPENVAS:1361412562310842512", "OPENVAS:1361412562310842513", "OPENVAS:1361412562310842535", "OPENVAS:1361412562310842545", "OPENVAS:1361412562310851131", "OPENVAS:1361412562310851132", "OPENVAS:1361412562310869826", "OPENVAS:1361412562310869829", "OPENVAS:1361412562310869834", "OPENVAS:1361412562310869875", "OPENVAS:1361412562310869911", "OPENVAS:1361412562310871411", "OPENVAS:1361412562310871468", "OPENVAS:1361412562310871469", "OPENVAS:1361412562310871506", "OPENVAS:1361412562310871514", "OPENVAS:1361412562310871579", "OPENVAS:1361412562310882310", "OPENVAS:1361412562310882313", "OPENVAS:1361412562310882314", "OPENVAS:1361412562310882315", "OPENVAS:1361412562310882316", "OPENVAS:1361412562310882317", "OPENVAS:1361412562310882318", "OPENVAS:1361412562310882321", "OPENVAS:1361412562310882431", "OPENVAS:1361412562310891500", "OPENVAS:703393", "OPENVAS:703406", "OPENVAS:703410", "OPENVAS:703430", "OPENVAS:703688"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3", "ORACLE:CPUJAN2016", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2018", "ORACLE:CPUOCT2017"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1419", "ELSA-2015-1980", "ELSA-2015-1981", "ELSA-2015-2088", "ELSA-2015-2550", "ELSA-2016-0466", "ELSA-2016-3531"]}, {"type": "osv", "idList": ["OSV:DLA-1500-1", "OSV:DLA-1500-2", "OSV:DLA-266-1", "OSV:DLA-288-1", "OSV:DLA-288-2", "OSV:DLA-344-1", "OSV:DLA-354-1", "OSV:DLA-480-1", "OSV:DSA-3393-1", "OSV:DSA-3406-1", "OSV:DSA-3410-1", "OSV:DSA-3430-1", "OSV:DSA-3688-1", "OSV:GHSA-Q7WX-62R7-J2X7"]}, {"type": "redhat", "idList": ["RHSA-2015:1419", "RHSA-2015:1980", "RHSA-2015:1981", "RHSA-2015:2068", "RHSA-2015:2088", "RHSA-2015:2550", "RHSA-2016:0466"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2015-1819"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32378", "SECURITYVULNS:DOC:32390", "SECURITYVULNS:VULN:14614", "SECURITYVULNS:VULN:14630"]}, {"type": "slackware", "idList": ["SSA-2015-310-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:1942-1", "SUSE-SU-2015:1581-1", "SUSE-SU-2015:1926-1", "SUSE-SU-2015:1978-1", "SUSE-SU-2015:1981-1", "SUSE-SU-2015:2081-1", "SUSE-SU-2016:0786-1"]}, {"type": "symantec", "idList": ["SMNTC-1337", "SMNTC-1355"]}, {"type": "ubuntu", "idList": ["USN-2710-1", "USN-2710-2", "USN-2785-1", "USN-2790-1", "USN-2791-1", "USN-2812-1", "USN-2819-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-1819", "UB:CVE-2015-5600", "UB:CVE-2015-7181", "UB:CVE-2015-7182", "UB:CVE-2015-7183"]}]}, "affected_software": {"major_version": [{"name": "ibm service agility accelerator for cloud", "version": 2}]}, "epss": [{"cve": "CVE-2015-1819", "epss": "0.027670000", "percentile": "0.889620000", "modified": "2023-03-20"}, {"cve": "CVE-2015-5600", "epss": "0.190810000", "percentile": "0.954440000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7181", "epss": "0.073260000", "percentile": "0.929950000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7182", "epss": "0.012750000", "percentile": "0.835860000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7183", "epss": "0.087740000", "percentile": "0.934980000", "modified": "2023-03-20"}], "vulnersScore": 2.0}, "_state": {"score": 1684017862, "dependencies": 1677016768, "affected_software_major_version": 1677394894, "epss": 1679361349}, "_internal": {"score_hash": "918ac4186dd81cce029a1f04e2880d49"}, "affectedSoftware": [{"version": "2.1", "operator": "eq", "name": "ibm service agility accelerator for cloud"}]}
{"openvas": [{"lastseen": "2019-05-29T18:36:27", "description": "Check the version of nspr", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2015:1981 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2015:1981 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882313\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:03 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nspr CESA-2015:1981 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nspr\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nspr on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021469.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:00:10", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-11-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-608)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120598", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120598", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120598\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-11-08 13:11:00 +0200 (Sun, 08 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-608)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Network Security Services (NSS). Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update nspr to update your system.\n\nRun yum update nss-util to update your system.\n\nRun yum update nss to update your system.\n\nRun yum update jss to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-608.html\");\n script_cve_id(\"CVE-2015-7183\", \"CVE-2015-7182\", \"CVE-2015-7181\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.10.8~2.35.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.35.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.35.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~4.47.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~4.47.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~4.47.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~7.74.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jss\", rpm:\"jss~4.2.6~35.17.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jss-javadoc\", rpm:\"jss-javadoc~4.2.6~35.17.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jss-debuginfo\", rpm:\"jss-debuginfo~4.2.6~35.17.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "RedHat Update for nss and nspr RHSA-2015:1980-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871469", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss and nspr RHSA-2015:1980-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871469\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:14:44 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss and nspr RHSA-2015:1980-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss and nspr'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss and nspr on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1980-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00004.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.10.8~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~2.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:30", "description": "Check the version of nss", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1981 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882315", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882315", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1981 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882315\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:11 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1981 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021466.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~7.el7_1.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~7.el7_1.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~7.el7_1.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~7.el7_1.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~7.el7_1.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "RedHat Update for nss, nss-util, and nspr RHSA-2015:1981-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871468", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss, nss-util, and nspr RHSA-2015:1981-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871468\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:14:41 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss, nss-util, and nspr RHSA-2015:1981-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss, nss-util, and nspr'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss, nss-util, and nspr on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1981-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00005.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.10.8~2.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~7.el7_1.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~7.el7_1.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~7.el7_1.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~7.el7_1.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~7.el7_1.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~4.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~4.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~4.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.10.8~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~2.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:28", "description": "Oracle Linux Local Security Checks ELSA-2015-1981", "cvss3": {}, "published": "2015-11-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1981", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122725", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1981.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122725\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-08 13:05:16 +0200 (Sun, 08 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1981\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1981 - nss, nss-util, and nspr security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1981\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1981.html\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~7.0.1.el7_1.2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~7.0.1.el7_1.2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~7.0.1.el7_1.2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~7.0.1.el7_1.2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~7.0.1.el7_1.2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~4.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~4.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~5.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~5.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~5.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~5.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~5.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~2.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~2.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:09", "description": "Check the version of nss-util", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nss-util CESA-2015:1981 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882310", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882310", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss-util CESA-2015:1981 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882310\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:15:48 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss-util CESA-2015:1981 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss-util\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss-util on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021468.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~2.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~2.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Oracle Linux Local Security Checks ELSA-2015-1980", "cvss3": {}, "published": "2015-11-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1980", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122727", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122727", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1980.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122727\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-08 13:05:17 +0200 (Sun, 08 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1980\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1980 - nss and nspr security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1980\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1980.html\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~2.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:23", "description": "Check the version of nss-util", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nss-util CESA-2015:1981 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882314", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss-util CESA-2015:1981 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882314\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:08 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss-util CESA-2015:1981 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nss-util\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss-util on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021465.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~4.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~4.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:52", "description": "Check the version of nss", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1981 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882317", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1981 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882317\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:19 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1981 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021470.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "description": "Check the version of nss", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1980 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1980 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882316\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:15 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1980 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1980\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021473.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "description": "Check the version of nspr", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2015:1981 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882318", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882318", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2015:1981 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882318\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:16:44 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nspr CESA-2015:1981 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nspr\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nspr on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021464.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Check the version of nspr", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "CentOS Update for nspr CESA-2015:1980 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882321", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2015:1980 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882321\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:17:07 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nspr CESA-2015:1980 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of nspr\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"nspr on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1980\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-November/021472.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.8~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.8~2.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for nss USN-2791-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for nss USN-2791-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842513\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:17:42 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for nss USN-2791-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Tyson Smith and David Keeler discovered that\nNSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use\nthis issue to cause NSS to crash, resulting in a denial of service, or possibly\nexecute arbitrary code.\");\n script_tag(name:\"affected\", value:\"nss on Ubuntu 15.10,\n Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2791-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2791-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3:amd64\", ver:\"2:3.19.2.1-0ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3:i386\", ver:\"2:3.19.2.1-0ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3:amd64\", ver:\"2:3.19.2.1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3:i386\", ver:\"2:3.19.2.1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"3.19.2.1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3:amd64\", ver:\"2:3.19.2.1-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3:i386\", ver:\"2:3.19.2.1-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for nspr USN-2790-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for nspr USN-2790-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842511\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:17:23 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for nspr USN-2790-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nspr'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Ryan Sleevi discovered that NSPR incorrectly\nhandled memory allocation. A remote attacker could use this issue to cause NSPR to\ncrash, resulting in a denial of service, or possibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"nspr on Ubuntu 15.10,\n Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2790-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2790-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.10-0ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.10-0ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"4.10.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:52:26", "description": "It was discovered that incorrect\nmemory allocation in the NetScape Portable Runtime library might result in\ndenial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-11-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3406-1 (nspr - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703406", "href": "http://plugins.openvas.org/nasl.php?oid=703406", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3406.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3406-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703406);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-7183\");\n script_name(\"Debian Security Advisory DSA 3406-1 (nspr - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-11-25 00:00:00 +0100 (Wed, 25 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3406.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"nspr on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 2:4.9.2-1+deb7u3.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.10.7-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 2:4.10.10-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.10.10-1.\n\nWe recommend that you upgrade your nspr packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that incorrect\nmemory allocation in the NetScape Portable Runtime library might result in\ndenial of service or the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.9.2-1+deb7u3\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.10.10-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.10.7-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:00", "description": "It was discovered that incorrect\nmemory allocation in the NetScape Portable Runtime library might result in\ndenial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-11-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3406-1 (nspr - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703406", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3406.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3406-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703406\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-7183\");\n script_name(\"Debian Security Advisory DSA 3406-1 (nspr - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-25 00:00:00 +0100 (Wed, 25 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3406.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|9|8)\");\n script_tag(name:\"affected\", value:\"nspr on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 2:4.9.2-1+deb7u3.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.10.7-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 2:4.10.10-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.10.10-1.\n\nWe recommend that you upgrade your nspr packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that incorrect\nmemory allocation in the NetScape Portable Runtime library might result in\ndenial of service or the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.9.2-1+deb7u3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.10.10-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4:i386\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-0d:i386\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:amd64\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dbg:i386\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"2:4.10.7-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:13", "description": "This host is installed with Oracle GlassFish\n Server is prone to denial of service vulnerability.", "cvss3": {}, "published": "2016-04-27T00:00:00", "type": "openvas", "title": "Oracle GlassFish Server Denial of Service Vulnerability April16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7182"], "modified": "2018-10-29T00:00:00", "id": "OPENVAS:1361412562310807565", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807565", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_glassfish_server_dos_vuln_apr16.nasl 12153 2018-10-29 13:38:34Z cfischer $\n#\n# Oracle GlassFish Server Denial of Service Vulnerability April16\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807565\");\n script_version(\"$Revision: 12153 $\");\n script_cve_id(\"CVE-2015-7182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-29 14:38:34 +0100 (Mon, 29 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-27 10:47:16 +0530 (Wed, 27 Apr 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Oracle GlassFish Server Denial of Service Vulnerability April16\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle GlassFish\n Server is prone to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to a heap-based buffer\n overflow error in Oracle GlassFish Server component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service (application crash) or possibly\n execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server version 2.1.1.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n script_require_ports(\"Services/www\", 8080, 8181, 4848);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!oraclePort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif (!oracleVer = get_app_version(cpe:CPE, port:oraclePort)){\n exit(0);\n}\n\nif (version_is_equal(version:oracleVer, test_version:\"2.1.1\")) {\n report = report_fixed_ver(installed_version:oracleVer, fixed_version:\"Apply the patch\");\n security_message(data:report, port:oraclePort);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-23T00:00:00", "type": "openvas", "title": "RedHat Update for libxml2 RHSA-2015:1419-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxml2 RHSA-2015:1419-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871411\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-1819\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-23 06:26:58 +0200 (Thu, 23 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for libxml2 RHSA-2015:1419-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed\ncertain XML files. An attacker could provide a specially crafted XML file\nthat, when parsed by an application using libxml2, could cause that\napplication to use an excessive amount of memory. (CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug:\n\nThis update fixes an error that occurred when running a test case for the\nserialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\");\n script_tag(name:\"affected\", value:\"libxml2 on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1419-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-July/msg00030.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.6~20.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxml2-debuginfo\", rpm:\"libxml2-debuginfo~2.7.6~20.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.6~20.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.7.6~20.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:38", "description": "Mageia Linux Local Security Checks mgasa-2015-0358", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0358", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310130031", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130031", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0358.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130031\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:41:46 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0358\");\n script_tag(name:\"insight\", value:\"Updated libxml2 packages fix security vulnerability: The xmlreader in libxml2 allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack (CVE-2015-1819). The libxml2 package has been patched to fix this issue, as well as two out-of-bounds read issues (bgo#744980, bgo#746048).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0358.html\");\n script_cve_id(\"CVE-2015-1819\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0358\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~11.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:35", "description": "Gentoo Linux Local Security Checks GLSA 201507-08", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201507-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121389", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121389", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201507-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121389\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:54 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201507-08\");\n script_tag(name:\"insight\", value:\"libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201507-08\");\n script_cve_id(\"CVE-2015-1819\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201507-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/libxml2\", unaffected: make_list(\"ge 2.9.2-r1\"), vulnerable: make_list(\"lt 2.9.2-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "description": "Oracle Linux Local Security Checks ELSA-2015-1419", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1419", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123052", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1419.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123052\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:58:44 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1419\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1419 - libxml2 security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1419\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1419.html\");\n script_cve_id(\"CVE-2015-1819\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.6~20.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.6~20.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxml2-python\", rpm:\"libxml2-python~2.7.6~20.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxml2-static\", rpm:\"libxml2-static~2.7.6~20.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "openvas", "title": "Fedora Update for openssh FEDORA-2015-11981", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869826", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssh FEDORA-2015-11981\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869826\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:17:52 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2015-5600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssh FEDORA-2015-11981\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssh on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11981\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~6.9p1~3.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:01", "description": "Mageia Linux Local Security Checks mgasa-2015-0295", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0295", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310130083", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130083", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0295.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130083\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:30 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0295\");\n script_tag(name:\"insight\", value:\"The OpenSSH server, when keyboard-interactive challenge response authentication is enabled and PAM is being used (the default configuration in Mageia), can be tricked into allowing more password attempts than the MaxAuthTries setting would normally allow in one connection, which can aid an attacker in brute-force password guessing (CVE-2015-5600).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0295.html\");\n script_cve_id(\"CVE-2015-5600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0295\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~6.6p1~5.3.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for openssh FEDORA-2015-13520", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869875", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869875", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssh FEDORA-2015-13520\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869875\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-20 06:40:41 +0200 (Thu, 20 Aug 2015)\");\n script_cve_id(\"CVE-2015-5600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssh FEDORA-2015-13520\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssh on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-13520\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-August/164224.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~6.9p1~5.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-01T00:00:00", "type": "openvas", "title": "Fedora Update for openssh FEDORA-2015-12177", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869829", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869829", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssh FEDORA-2015-12177\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869829\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-01 06:54:27 +0200 (Sat, 01 Aug 2015)\");\n script_cve_id(\"CVE-2015-5600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssh FEDORA-2015-12177\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssh on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-12177\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162965.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~6.9p1~4.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:02", "description": "Junos OS is prone to a restriction bypass vulnerability in OpenSSH.", "cvss3": {}, "published": "2015-11-24T00:00:00", "type": "openvas", "title": "Junos OpenSSH Restriction Bypass Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310106046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_junos_cve-2015-5600.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# Junos OpenSSH Restriction Bypass Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/o:juniper:junos';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106046\");\n script_version(\"$Revision: 12106 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-24 11:15:58 +0700 (Tue, 24 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2015-5600\");\n\n script_name(\"Junos OpenSSH Restriction Bypass Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_family(\"JunOS Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_junos_get_version.nasl\", \"gb_junos_snmp_version.nasl\");\n script_mandatory_keys(\"Junos/Version\");\n\n script_tag(name:\"summary\", value:\"Junos OS is prone to a restriction bypass vulnerability in OpenSSH.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable OS build is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A vulnerability in OpenSSH may allow a remote network based\nattacker to effectively bypass restrictions on number of authentication attempts, as defined by\nMaxAuthTries settings on Junos.\");\n\n script_tag(name:\"impact\", value:\"The vulnerability may enable brute force password attacks to gain\naccess to the device.\");\n\n script_tag(name:\"affected\", value:\"Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1\");\n\n script_tag(name:\"solution\", value:\"New builds of Junos OS software are available from Juniper. As a\nworkaround disable password based authentication completely, and implement key based authentication\nexclusively in the SSH server configuration.\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/JSA10697\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (version =~ \"^12\") {\n if ((revcomp(a: version, b: \"12.1X44-D55\") < 0) &&\n (revcomp(a: version, b: \"12.1X44\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X46-D40\") < 0) &&\n (revcomp(a: version, b: \"12.1X46\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X47-D30\") < 0) &&\n (revcomp(a: version, b: \"12.1X47\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3R11\") < 0) &&\n (revcomp(a: version, b: \"12.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3X48-D20\") < 0) &&\n (revcomp(a: version, b: \"12.3X48\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^13\") {\n if ((revcomp(a: version, b: \"13.2X51-D40\") < 0) &&\n (revcomp(a: version, b: \"13.2X51\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"13.2X52-D30\") < 0) &&\n (revcomp(a: version, b: \"13.2X52\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"13.3R8\") < 0) &&\n (revcomp(a: version, b: \"13.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^14\") {\n if (revcomp(a: version, b: \"14.1R6\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"14.2R5\") < 0) &&\n (revcomp(a: version, b: \"14.2\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^15\") {\n if (revcomp(a: version, b: \"15.1F2-S1\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1R2\") < 0) &&\n (revcomp(a: version, b: \"15.1R\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1X49-D20\") < 0) &&\n (revcomp(a: version, b: \"15.1X49\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1X53-D20\") < 0) &&\n (revcomp(a: version, b: \"15.1X53\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:04", "description": "Mageia Linux Local Security Checks mgasa-2015-0427", "cvss3": {}, "published": "2015-11-08T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0427", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310131115", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0427.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131115\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-08 13:02:10 +0200 (Sun, 08 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0427\");\n script_tag(name:\"insight\", value:\"Several flaws were found in the processing of malformed web content.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0427.html\");\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\", \"CVE-2015-7196\", \"CVE-2015-7197\", \"CVE-2015-7198\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0427\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.4.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~38.4.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.10~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.20.1~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"rootcerts\", rpm:\"rootcerts~20151029.00~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-2819-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for thunderbird USN-2819-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842545\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-02 06:42:54 +0100 (Wed, 02 Dec 2015)\");\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\",\n \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\",\n \"CVE-2015-7197\", \"CVE-2015-7198\", \"CVE-2015-7199\", \"CVE-2015-7200\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for thunderbird USN-2819-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Christian Holler, David Major, Jesse Ruderman,\nTyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden,\nand Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user\nwere tricked in to opening a specially crafted message, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2015-4513)\n\nTyson Smith and David Keeler discovered a use-after-poison and buffer\noverflow in NSS. An attacker could potentially exploit these to cause a\ndenial of service via application crash, or execute arbitrary code with\nthe privileges of the user invoking Thunderbird. (CVE-2015-7181,\nCVE-2015-7182)\n\nRyan Sleevi discovered an integer overflow in NSPR. An attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2015-7183)\n\nMichał Bentkowski discovered that adding white-space to hostnames that are\nIP addresses can bypass same-origin protections. If a user were tricked in\nto opening a specially crafted website in a browser-like context, an\nattacker could potentially exploit this to conduct cross-site scripting\n(XSS) attacks. (CVE-2015-7188)\n\nLooben Yang discovered a buffer overflow during script interactions with\nthe canvas element in some circumstances. If a user were tricked in to\nopening a specially crafted website in a browser-like context, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the privileges of the\nuser invoking Thunderbird. (CVE-2015-7189)\n\nShinto K Anto discovered that CORS preflight is bypassed when receiving\nnon-standard Content-Type headers in some circumstances. If a user were\ntricked in to opening a specially crafted website in a browser-like\ncontext, an attacker could potentially exploit this to bypass\nsame-origin restrictions. (CVE-2015-7193)\n\nGustavo Grieco discovered a buffer overflow in libjar in some\ncircumstances. If a user were tricked in to opening a specially crafted\nwebsite in a browser-like context, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Thunderbird.\n(CVE-2015-7194)\n\nEhsan Akhgari discovered a mechanism for a web worker to bypass secure\nrequirements for web sockets. If a user were tricked in to opening a\nspecially crafted website in ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 15.10,\n Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2819-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2819-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.4.0+build3-0ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.4.0+build3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.4.0+build3-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.4.0+build3-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:13:18", "description": "This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-09T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310806553", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806553", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806553\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2015-7200\", \"CVE-2015-7199\", \"CVE-2015-7198\", \"CVE-2015-7197\",\n \"CVE-2015-7196\", \"CVE-2015-7194\", \"CVE-2015-7193\", \"CVE-2015-7189\",\n \"CVE-2015-7188\", \"CVE-2015-4513\", \"CVE-2015-7183\", \"CVE-2015-7182\",\n \"CVE-2015-7181\");\n script_bugtraq_id(77415, 77416);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-11-09 16:15:18 +0530 (Mon, 09 Nov 2015)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are exists due to,\n\n - Lack of status checking in CryptoKey interface implementation.\n\n - Lack of status checking in 'AddWeightedPathSegLists' and\n 'SVGPathSegListSMILType::Interpolate' functions.\n\n - Buffer overflow in the 'rx::TextureStorage11' class in ANGLE graphics\n library.\n\n - An error in 'web worker' when creating WebSockets.\n\n - Java plugin can deallocate a JavaScript wrapper when it is still in use,\n which leads to a JavaScript garbage collection crash.\n\n - Buffer underflow in 'libjar' triggered through a maliciously crafted ZIP\n format file.\n\n - An error in implementation of CORS cross-origin request algorithm.\n\n - Buffer overflow in the 'JPEGEncoder' function during script interactions with\n a canvas element.\n\n - Trailing whitespaces are evaluated differently when parsing IP addresses\n instead of alphanumeric hostnames.\n\n - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox.\n\n - Multiple memory corruption issues in NSS and NSPR.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service or possibly execute arbitrary code,\n bypass security restrictions, to obtain sensitive information and some\n unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 38.x\n before 38.4 on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version\n 38.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2015/mfsa2015-131.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2015/mfsa2015-133.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^38\\.\")\n{\n if(version_is_less(version:ffVer, test_version:\"38.4\"))\n {\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + \"38.4\" + '\\n';\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-04T17:44:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-07T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:1926-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851131", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851131\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-11-07 05:31:46 +0100 (Sat, 07 Nov 2015)\");\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\",\n \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\",\n \"CVE-2015-7196\", \"CVE-2015-7197\", \"CVE-2015-7198\", \"CVE-2015-7199\",\n \"CVE-2015-7200\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:1926-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This Mozilla Firefox, NSS and NSPR update fixes the following security and\n non security issues.\n\n - mozilla-nspr was updated to version 4.10.10 (bsc#952810)\n\n * MFSA 2015-133/CVE-2015-7183 (bmo#1205157) NSPR memory corruption issues\n\n - mozilla-nss was updated to 3.19.2.1 (bsc#952810)\n\n * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182 (bmo#1192028, bmo#1202868)\n NSS and NSPR memory corruption issues\n\n - MozillaFirefox was updated to 38.4.0 ESR (bsc#952810)\n\n * MFSA 2015-116/CVE-2015-4513 (bmo#1107011, bmo#1191942, bmo#1193038,\n bmo#1204580, bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564,\n bmo#1208665, bmo#1209471, bmo#1213979) Miscellaneous memory safety\n hazards (rv:42.0 / rv:38.4)\n\n * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP\n address hostnames can bypass same-origin policy\n\n * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image\n interactions in canvas\n\n * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed\n when non-standard Content-Type headers are received\n\n * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar\n through zip files\n\n * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage\n collection crash with Java applet\n\n * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1204061,\n bmo#1188010, bmo#1204155) Vulnerabilities found through code inspection\n\n * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket\n policy bypass through workers\n\n * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868,\n bmo#1192028, bmo#1205157) NSS and NSPR memory corruption issues\n\n - fix printing on landscape media (bsc#908275)\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox, on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1926-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~38.4.0esr~51.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-SLE\", rpm:\"MozillaFirefox-branding-SLE~31.0~17.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~38.4.0esr~51.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~38.4.0esr~51.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~38.4.0esr~51.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.10.10~9.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.10.10~9.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.10.10~9.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.10.10~9.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.10.10~9.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.19.2.1~29.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~38.4.0esr~51.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-SLE\", rpm:\"MozillaFirefox-branding-SLE~31.0~17.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~38.4.0esr~51.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~38.4.0esr~51.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~38.4.0esr~51.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac\", rpm:\"libfreebl3-hmac~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac\", rpm:\"libsoftokn3-hmac~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.10.10~9.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.10.10~9.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.10.10~9.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac-32bit\", rpm:\"libfreebl3-hmac-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac-32bit\", rpm:\"libsoftokn3-hmac-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.10.10~9.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.10.10~9.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.19.2.1~29.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-25T14:49:40", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-06T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-4514", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2019-06-25T00:00:00", "id": "OPENVAS:1361412562310807636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807636", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-MAC OS X\n#\n# Authors:\n# kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807636\");\n script_version(\"2019-06-25T08:25:15+0000\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7197\",\n\t\t\"CVE-2015-7198\", \"CVE-2015-7199\", \"CVE-2015-7200\", \"CVE-2015-7194\",\n\t \"CVE-2015-7193\", \"CVE-2015-7189\", \"CVE-2015-7188\", \"CVE-2015-4513\",\n\t\t\"CVE-2015-4514\");\n script_bugtraq_id(77416, 77415, 77411);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-25 08:25:15 +0000 (Tue, 25 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-04-06 16:24:49 +0530 (Wed, 06 Apr 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An improper handling of the CORS cross-origin request algorithm when\n non-standard Content-Type headers are received.\n\n - A heap Buffer Overflow in nsJPEGEncoder during image interactions in canvas.\n\n - An insufficient validation of IP address string.\n\n - Multiple unspecified vulnerabilities in the browser engine.\n\n - A buffer overflow vulnerability in the rx::TextureStorage11 class in ANGLE.\n\n - Lack of status checking in 'AddWeightedPathSegLists' and\n 'SVGPathSegListSMILType::Interpolate' functions.\n\n - Missing status check in CryptoKey interface implementation.\n\n - A memory corruption vulnerability in libjar through zip files.\n\n - Memory corruption issues in NSS and NSPR.\n\n - A heap-based buffer overflow in the ASN.1 decoder in Mozilla (NSS).\n\n - An integer overflow in the PL_ARENA_ALLOCATE implementation in Mozilla (NSS)\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to bypass security restrictions,\n to execute arbitrary code and to cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 38.4 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 38.4\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"38.4\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"38.4\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:57", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-06T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-4514", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2018-11-13T00:00:00", "id": "OPENVAS:1361412562310807635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807635", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_mfsa_2015-116_2015-133_win.nasl 12338 2018-11-13 14:51:17Z asteins $\n#\n# Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-Windows\n#\n# Authors:\n# kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807635\");\n script_version(\"$Revision: 12338 $\");\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7197\",\n\t\t\"CVE-2015-7198\", \"CVE-2015-7199\", \"CVE-2015-7200\", \"CVE-2015-7194\",\n\t \"CVE-2015-7193\", \"CVE-2015-7189\", \"CVE-2015-7188\", \"CVE-2015-4513\",\n\t\t\"CVE-2015-4514\");\n script_bugtraq_id(77416, 77415, 77411);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-13 15:51:17 +0100 (Tue, 13 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-06 16:24:54 +0530 (Wed, 06 Apr 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates( mfsa_2015-116_2015-133 )-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An improper handling of the CORS cross-origin request algorithm when\n non-standard Content-Type headers are received.\n\n - A heap Buffer Overflow in nsJPEGEncoder during image interactions in canvas.\n\n - An insufficient validation of IP address string.\n\n - Multiple unspecified vulnerabilities in the browser engine.\n\n - A buffer overflow vulnerability in the rx::TextureStorage11 class in ANGLE.\n\n - Lack of status checking in 'AddWeightedPathSegLists' and\n 'SVGPathSegListSMILType::Interpolate' functions.\n\n - Missing status check in CryptoKey interface implementation.\n\n - A memory corruption vulnerability in libjar through zip files.\n\n - Memory corruption issues in NSS and NSPR.\n\n - A heap-based buffer overflow in the ASN.1 decoder in Mozilla (NSS).\n\n - An integer overflow in the PL_ARENA_ALLOCATE implementation in Mozilla (NSS)\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to bypass security restrictions,\n to execute arbitrary code and to cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 38.4 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 38.4\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"38.4\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"38.4\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:05", "description": "Multiple security issues have been\nfound in Iceweasel, Debian", "cvss3": {}, "published": "2015-11-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3393-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703393", "href": "http://plugins.openvas.org/nasl.php?oid=703393", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3393.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3393-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703393);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\",\n \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\",\n \"CVE-2015-7196\", \"CVE-2015-7197\", \"CVE-2015-7198\", \"CVE-2015-7199\",\n \"CVE-2015-7200\");\n script_name(\"Debian Security Advisory DSA 3393-1 (iceweasel - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-11-04 00:00:00 +0100 (Wed, 04 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3393.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"iceweasel on Debian Linux\");\n script_tag(name: \"insight\", value: \"Iceweasel is Firefox, rebranded. It\nis a powerful, extensible web browser with support for modern web application\ntechnologies.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution\n(wheezy), these problems have been fixed in version 38.4.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.4.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 38.4.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been\nfound in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple\nmemory safety errors, integer overflows, buffer overflows and other implementation\nerrors may lead to the execution of arbitrary code, information disclosure or\ndenial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"38.4.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:15", "description": "Multiple security issues have been\nfound in Iceweasel, Debian", "cvss3": {}, "published": "2015-11-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3393-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703393", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3393.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3393-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703393\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\",\n \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\",\n \"CVE-2015-7196\", \"CVE-2015-7197\", \"CVE-2015-7198\", \"CVE-2015-7199\",\n \"CVE-2015-7200\");\n script_name(\"Debian Security Advisory DSA 3393-1 (iceweasel - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-04 00:00:00 +0100 (Wed, 04 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3393.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"iceweasel on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution\n(wheezy), these problems have been fixed in version 38.4.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.4.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 38.4.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been\nfound in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple\nmemory safety errors, integer overflows, buffer overflows and other implementation\nerrors may lead to the execution of arbitrary code, information disclosure or\ndenial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"38.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"38.4.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:13:11", "description": "This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-09T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7198", "CVE-2015-7200", "CVE-2015-7181", "CVE-2015-7194", "CVE-2015-7189", "CVE-2015-7182", "CVE-2015-7188", "CVE-2015-7183", "CVE-2015-7196", "CVE-2015-7199", "CVE-2015-4513", "CVE-2015-7193", "CVE-2015-7197"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310806552", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806552", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806552\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2015-7200\", \"CVE-2015-7199\", \"CVE-2015-7198\", \"CVE-2015-7197\",\n \"CVE-2015-7196\", \"CVE-2015-7194\", \"CVE-2015-7193\", \"CVE-2015-7189\",\n \"CVE-2015-7188\", \"CVE-2015-4513\", \"CVE-2015-7183\", \"CVE-2015-7182\",\n \"CVE-2015-7181\");\n script_bugtraq_id(77415, 77416);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-11-09 14:40:31 +0530 (Mon, 09 Nov 2015)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are exists due to,\n\n - Lack of status checking in CryptoKey interface implementation.\n\n - Lack of status checking in 'AddWeightedPathSegLists' and\n 'SVGPathSegListSMILType::Interpolate' functions.\n\n - Buffer overflow in the 'rx::TextureStorage11' class in ANGLE graphics\n library.\n\n - An error in 'web worker' when creating WebSockets.\n\n - Java plugin can deallocate a JavaScript wrapper when it is still in use,\n which leads to a JavaScript garbage collection crash.\n\n - Buffer underflow in 'libjar' triggered through a maliciously crafted ZIP\n format file.\n\n - An error in implementation of CORS cross-origin request algorithm.\n\n - Buffer overflow in the 'JPEGEncoder' function during script interactions with\n a canvas element.\n\n - Trailing whitespaces are evaluated differently when parsing IP addresses\n instead of alphanumeric hostnames.\n\n - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox.\n\n - Multiple memory corruption issues in NSS and NSPR.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service or possibly execute arbitrary code,\n bypass security restrictions, to obtain sensitive information and some\n unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 38.x\n before 38.4 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version\n 38.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2015/mfsa2015-131.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2015/mfsa2015-133.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox-ESR/Win/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^38\\.\")\n{\n if(version_is_less(version:ffVer, test_version:\"38.4\"))\n {\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + \"38.4\" + '\\n';\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssh USN-2710-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2015-5352"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssh USN-2710-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842409\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-15 05:05:45 +0200 (Sat, 15 Aug 2015)\");\n script_cve_id(\"CVE-2015-5352\", \"CVE-2015-5600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssh USN-2710-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Moritz Jodeit discovered that OpenSSH\nincorrectly handled usernames when using PAM authentication. If an additional\nvulnerability were discovered in the OpenSSH unprivileged child process, this\nissue could allow a remote attacker to perform user impersonation. (CVE number\npending) Moritz Jodeit discovered that OpenSSH incorrectly handled context memory\nwhen using PAM authentication. If an additional vulnerability were\ndiscovered in the OpenSSH unprivileged child process, this issue could\nallow a remote attacker to bypass authentication or possibly execute\narbitrary code. (CVE number pending)\n\nJann Horn discovered that OpenSSH incorrectly handled time windows for\nX connections. A remote attacker could use this issue to bypass certain\naccess restrictions. (CVE-2015-5352)\n\nIt was discovered that OpenSSH incorrectly handled keyboard-interactive\nauthentication. In a non-default configuration, a remote attacker could\npossibly use this issue to perform a brute-force password attack.\n(CVE-2015-5600)\");\n script_tag(name:\"affected\", value:\"openssh on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2710-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2710-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openssh-server\", ver:\"1:6.6p1-2ubuntu2.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openssh-server\", ver:\"1:5.9p1-5ubuntu1.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:49", "description": "Oracle Linux Local Security Checks ELSA-2016-3531", "cvss3": {}, "published": "2016-04-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-3531", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310122921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-3531.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122921\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-04-06 14:33:00 +0300 (Wed, 06 Apr 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-3531\");\n script_tag(name:\"insight\", value:\"ELSA-2016-3531 - openssh security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-3531\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-3531.html\");\n script_cve_id(\"CVE-2015-5600\", \"CVE-2016-3115\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~4.3p2~82.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~4.3p2~82.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~4.3p2~82.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~4.3p2~82.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-22T00:00:00", "type": "openvas", "title": "RedHat Update for openssh RHSA-2016:0466-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871579", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871579", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssh RHSA-2016:0466-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871579\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-22 06:12:28 +0100 (Tue, 22 Mar 2016)\");\n script_cve_id(\"CVE-2015-5600\", \"CVE-2016-3115\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssh RHSA-2016:0466-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSH is OpenBSD's SSH (Secure Shell)\nprotocol implementation. These packages include the core files necessary for both\nthe OpenSSH client and server.\n\nIt was discovered that the OpenSSH server did not sanitize data received\nin requests to enable X11 forwarding. An authenticated client with\nrestricted SSH access could possibly use this flaw to bypass intended\nrestrictions. (CVE-2016-3115)\n\nIt was discovered that the OpenSSH sshd daemon did not check the list of\nkeyboard-interactive authentication methods for duplicates. A remote\nattacker could use this flaw to bypass the MaxAuthTries limit, making it\neasier to perform password guessing attacks. (CVE-2015-5600)\n\nAll openssh users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the OpenSSH server daemon (sshd) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"openssh on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0466-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-March/msg00053.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.3p1~114.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.3p1~114.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.3p1~114.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-debuginfo\", rpm:\"openssh-debuginfo~5.3p1~114.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.3p1~114.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-20T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssh USN-2710-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2015-5352"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842418", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842418", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssh USN-2710-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842418\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-20 06:45:59 +0200 (Thu, 20 Aug 2015)\");\n script_cve_id(\"CVE-2015-5600\", \"CVE-2015-5352\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssh USN-2710-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2710-1 fixed vulnerabilities in OpenSSH.\nThe upstream fix for CVE-2015-5600 caused a regression resulting in random\nauthentication failures in non-default configurations. This update fixes the\nproblem.\n\nOriginal advisory details:\n\nMoritz Jodeit discovered that OpenSSH incorrectly handled usernames when\nusing PAM authentication. If an additional vulnerability were discovered in\nthe OpenSSH unprivileged child process, this issue could allow a remote\nattacker to perform user impersonation. (CVE number pending)\nMoritz Jodeit discovered that OpenSSH incorrectly handled context memory\nwhen using PAM authentication. If an additional vulnerability were\ndiscovered in the OpenSSH unprivileged child process, this issue could\nallow a remote attacker to bypass authentication or possibly execute\narbitrary code. (CVE number pending)\nJann Horn discovered that OpenSSH incorrectly handled time windows for\nX connections. A remote attacker could use this issue to bypass certain\naccess restrictions. (CVE-2015-5352)\nIt was discovered that OpenSSH incorrectly handled keyboard-interactive\nauthentication. In a non-default configuration, a remote attacker could\npossibly use this issue to perform a brute-force password attack.\n(CVE-2015-5600)\");\n script_tag(name:\"affected\", value:\"openssh on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2710-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2710-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openssh-server\", ver:\"1:6.6p1-2ubuntu2.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openssh-server\", ver:\"1:5.9p1-5ubuntu1.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-11T00:00:00", "type": "openvas", "title": "Fedora Update for openssh FEDORA-2015-12054", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2014-9278"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869834", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssh FEDORA-2015-12054\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869834\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-11 11:56:26 +0530 (Tue, 11 Aug 2015)\");\n script_cve_id(\"CVE-2015-5600\", \"CVE-2014-9278\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssh FEDORA-2015-12054\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssh on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-12054\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-August/163045.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~6.6.1p1~15.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:34", "description": "Check the version of openssh", "cvss3": {}, "published": "2016-03-22T00:00:00", "type": "openvas", "title": "CentOS Update for openssh CESA-2016:0466 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssh CESA-2016:0466 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882431\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-22 06:12:46 +0100 (Tue, 22 Mar 2016)\");\n script_cve_id(\"CVE-2015-5600\", \"CVE-2016-3115\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssh CESA-2016:0466 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssh\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSH is OpenBSD's SSH (Secure Shell)\nprotocol implementation. These packages include the core files necessary for\nboth the OpenSSH client and server.\n\nIt was discovered that the OpenSSH server did not sanitize data received\nin requests to enable X11 forwarding. An authenticated client with\nrestricted SSH access could possibly use this flaw to bypass intended\nrestrictions. (CVE-2016-3115)\n\nIt was discovered that the OpenSSH sshd daemon did not check the list of\nkeyboard-interactive authentication methods for duplicates. A remote\nattacker could use this flaw to bypass the MaxAuthTries limit, making it\neasier to perform password guessing attacks. (CVE-2015-5600)\n\nAll openssh users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the OpenSSH server daemon (sshd) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"openssh on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0466\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021745.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.3p1~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.3p1~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.3p1~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-ldap\", rpm:\"openssh-ldap~5.3p1~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.3p1~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pam_ssh_agent_auth\", rpm:\"pam_ssh_agent_auth~0.9.3~114.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2021-06-04T20:20:44", "description": "nspr\n[4.10.8-2]\n- Resolves: Bug 1269360 - CVE-2015-7183\n- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash (under ASAN), potential memory corruption\nnss\n[3.19.1-5.0.1]\n- Added nss-vendor.patch to change vendor\n[3.19.1-5]\n- Rebuild against updated NSPR\n[3.19.1-4]\n- Sync up with the rhel-6.6 branch\n- Resolves: Bug 1224450\nnss-util\n[3.19.1-2]\n- Resolves: Bug 1269355 - CVE-2015-7182 CVE-2015-7181", "cvss3": {}, "published": "2015-11-04T00:00:00", "type": "oraclelinux", "title": "nss, nss-util, and nspr security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-04T00:00:00", "id": "ELSA-2015-1981", "href": "http://linux.oracle.com/errata/ELSA-2015-1981.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-04T20:20:50", "description": "nspr\n[4.10.8-2]\n- Resolves: Bug 1269359 - CVE-2015-7183\n- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash (under ASAN), potential memory corruption [rhel-5.11.z]\nnss\n[3.19.1-2]\n- Resolves: Bug 1269354 - CVE-2015-7182 CVE-2015-7181", "cvss3": {}, "published": "2015-11-04T00:00:00", "type": "oraclelinux", "title": "nss and nspr security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-04T00:00:00", "id": "ELSA-2015-1980", "href": "http://linux.oracle.com/errata/ELSA-2015-1980.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-05-13T09:23:42", "description": "[2.7.6-20.0.1.el6]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[libxml2-2.7.6-20.el6]\n- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)\n[libxml2-2.7.6-19.el6]\n- Stop parsing on entities boundaries errors\n- Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)\n[libxml2-2.7.6-18.el6]\n- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149086)\n- Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)", "cvss3": {}, "published": "2015-07-29T00:00:00", "type": "oraclelinux", "title": "libxml2 security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3660", "CVE-2015-1819"], "modified": "2015-07-29T00:00:00", "id": "ELSA-2015-1419", "href": "http://linux.oracle.com/errata/ELSA-2015-1419.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-06-04T20:21:08", "description": "[4.3p2-82.0.2]\n- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (John Haxby) [orabug 22985024]\n- CVE-2016-3115: missing sanitisation of input for X11 forwarding (John Haxby) [orabug 22985024]", "cvss3": {}, "published": "2016-04-03T00:00:00", "type": "oraclelinux", "title": "openssh security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2016-04-03T00:00:00", "id": "ELSA-2016-3531", "href": "http://linux.oracle.com/errata/ELSA-2016-3531.html", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2021-06-04T20:20:57", "description": "[5.3p1-114]\n- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (#1245969)\n[5.3p1-113]\n- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317816)", "cvss3": {}, "published": "2016-03-21T00:00:00", "type": "oraclelinux", "title": "openssh security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2016-03-21T00:00:00", "id": "ELSA-2016-0466", "href": "http://linux.oracle.com/errata/ELSA-2016-0466.html", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "centos": [{"lastseen": "2023-06-05T02:28:33", "description": "**CentOS Errata and Security Advisory** CESA-2015:1980\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070947.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070948.html\n\n**Affected packages:**\nnspr\nnspr-devel\nnss\nnss-devel\nnss-pkcs11-devel\nnss-tools\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1980", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-04T11:34:51", "type": "centos", "title": "nspr, nss security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-04T11:36:19", "id": "CESA-2015:1980", "href": "https://lists.centos.org/pipermail/centos-announce/2015-November/070947.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T02:28:33", "description": "**CentOS Errata and Security Advisory** CESA-2015:1981\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support \ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities. \n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070939.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070940.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070941.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070943.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070944.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-November/070945.html\n\n**Affected packages:**\nnspr\nnspr-devel\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1981", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-04T15:57:04", "type": "centos", "title": "nspr, nss security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-04T16:35:45", "id": "CESA-2015:1981", "href": "https://lists.centos.org/pipermail/centos-announce/2015-November/070939.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-02T20:51:00", "description": "**CentOS Errata and Security Advisory** CESA-2015:1419\n\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed\ncertain XML files. An attacker could provide a specially crafted XML file\nthat, when parsed by an application using libxml2, could cause that\napplication to use an excessive amount of memory. (CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug:\n\nThis update fixes an error that occurred when running a test case for the\nserialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2015-July/021610.html\n\n**Affected packages:**\nlibxml2\nlibxml2-devel\nlibxml2-python\nlibxml2-static\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1419", "cvss3": {}, "published": "2015-07-26T14:12:37", "type": "centos", "title": "libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2015-07-26T14:12:37", "id": "CESA-2015:1419", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2015-July/021610.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-05T02:28:21", "description": "**CentOS Errata and Security Advisory** CESA-2016:0466\n\n\nOpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation.\nThese packages include the core files necessary for both the OpenSSH client\nand server.\n\nIt was discovered that the OpenSSH server did not sanitize data received\nin requests to enable X11 forwarding. An authenticated client with\nrestricted SSH access could possibly use this flaw to bypass intended\nrestrictions. (CVE-2016-3115)\n\nIt was discovered that the OpenSSH sshd daemon did not check the list of\nkeyboard-interactive authentication methods for duplicates. A remote\nattacker could use this flaw to bypass the MaxAuthTries limit, making it\neasier to perform password guessing attacks. (CVE-2015-5600)\n\nAll openssh users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the OpenSSH server daemon (sshd) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/071220.html\n\n**Affected packages:**\nopenssh\nopenssh-askpass\nopenssh-clients\nopenssh-ldap\nopenssh-server\npam_ssh_agent_auth\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2016:0466", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.7}, "published": "2016-03-21T22:18:29", "type": "centos", "title": "openssh, pam_ssh_agent_auth security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2016-03-21T22:18:29", "id": "CESA-2016:0466", "href": "https://lists.centos.org/pipermail/centos-announce/2016-March/071220.html", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "mozilla": [{"lastseen": "2023-06-05T02:25:23", "description": "Mozilla engineers Tyson Smith and David Keeler reported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security Services (NSS). These issues were in octet string parsing and were found through fuzzing and code inspection. If these issues were triggered, they would lead to a potentially exploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in Firefox and Firefox ESR, respectively, as well as NSS 3.20.1.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-03T00:00:00", "type": "mozilla", "title": "NSS and NSPR memory corruption issues \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-03T00:00:00", "id": "MFSA2015-133", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-06-05T02:31:58", "description": "**Issue Overview:**\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. \n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.\n\n \n**Affected Packages:** \n\n\nnspr, nss-util, nss, jss\n\n \n**Issue Correction:** \nRun _yum update nspr_ to update your system. \nRun _yum update nss-util_ to update your system. \nRun _yum update nss_ to update your system. \nRun _yum update jss_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 nspr-debuginfo-4.10.8-2.35.amzn1.i686 \n \u00a0\u00a0\u00a0 nspr-4.10.8-2.35.amzn1.i686 \n \u00a0\u00a0\u00a0 nspr-devel-4.10.8-2.35.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-util-debuginfo-3.19.1-4.47.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-util-3.19.1-4.47.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-util-devel-3.19.1-4.47.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-tools-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-debuginfo-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-sysinit-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-pkcs11-devel-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 nss-devel-3.19.1-7.74.amzn1.i686 \n \u00a0\u00a0\u00a0 jss-4.2.6-35.17.amzn1.i686 \n \u00a0\u00a0\u00a0 jss-javadoc-4.2.6-35.17.amzn1.i686 \n \u00a0\u00a0\u00a0 jss-debuginfo-4.2.6-35.17.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 nspr-4.10.8-2.35.amzn1.src \n \u00a0\u00a0\u00a0 nss-util-3.19.1-4.47.amzn1.src \n \u00a0\u00a0\u00a0 nss-3.19.1-7.74.amzn1.src \n \u00a0\u00a0\u00a0 jss-4.2.6-35.17.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 nspr-4.10.8-2.35.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nspr-debuginfo-4.10.8-2.35.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nspr-devel-4.10.8-2.35.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-util-devel-3.19.1-4.47.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-util-3.19.1-4.47.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-util-debuginfo-3.19.1-4.47.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-debuginfo-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-sysinit-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-tools-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-devel-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 nss-pkcs11-devel-3.19.1-7.74.amzn1.x86_64 \n \u00a0\u00a0\u00a0 jss-debuginfo-4.2.6-35.17.amzn1.x86_64 \n \u00a0\u00a0\u00a0 jss-4.2.6-35.17.amzn1.x86_64 \n \u00a0\u00a0\u00a0 jss-javadoc-4.2.6-35.17.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2015-7181](<https://access.redhat.com/security/cve/CVE-2015-7181>), [CVE-2015-7182](<https://access.redhat.com/security/cve/CVE-2015-7182>), [CVE-2015-7183](<https://access.redhat.com/security/cve/CVE-2015-7183>)\n\nMitre: [CVE-2015-7181](<https://vulners.com/cve/CVE-2015-7181>), [CVE-2015-7182](<https://vulners.com/cve/CVE-2015-7182>), [CVE-2015-7183](<https://vulners.com/cve/CVE-2015-7183>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-05T01:58:00", "type": "amazon", "title": "Critical: nspr, nss-util, nss, jss", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2015-11-04T22:49:00", "id": "ALAS-2015-608", "href": "https://alas.aws.amazon.com/ALAS-2015-608.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-02-21T05:51:54", "description": "## Summary\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. \n \nIBM Security Access Manager for Mobile is affected by vulnerabilities in nss, nss-util and nspr packages. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>)** \nDESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Security Access Manager for Mobile 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Mobile| 8.0 - 8.0.1.3| IV80770| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-ISAM-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \n2\\. Apply 8.0.1.3 Interim Fix 4: \n[8.0.1.3-ISS-ISAM-IF0004 ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0.1.3&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0| IV80752| 1\\. Upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:38:59", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager for Mobile is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-06-16T21:38:59", "id": "6AF96EB050013ED48F68D92BD7F0D2CD31479E1E62B5EF9DE3391683EC76A4BD", "href": "https://www.ibm.com/support/pages/node/538911", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:51:54", "description": "## Summary\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. \n \nIBM Security Access Manager for Web is affected by vulnerabilities in nss, nss-util and nspr packages. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>)** \nDESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances, all firmware versions \nIBM Security Access Manager for Web 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 - 7.0.0.20 (appliances)| IV80753| 1\\. Apply Interim Fix 21: \n[_7.0.0-ISS-WGA-IF0021_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0 - 8.0.1.3| IV80752| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-WGA-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=All&function=all>)** ** \n2\\. Apply 8.0.1.3 Interim Fix 4:[_8.0.1.3-ISS-WGA-IF0004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager| 9.0| IV80752| 1\\. Upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:38:59", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager for Web is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-06-16T21:38:59", "id": "3B19E0871CEE70A970574559FDC5AE00438D2E528DE6C532C9CB9113C291D887", "href": "https://www.ibm.com/support/pages/node/538909", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T05:40:07", "description": "## Summary\n\nThere are vulnerabilities in Network Security Services (NSS) to which the IBM\u00ae FlashSystem\u2122 840 and IBM FlashSystem 900 are susceptible. An exploit of these vulnerabilities could allow a remote attacker to execute arbitrary code on a vulnerable system, cause the application to crash, or cause a denial of service.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>) \n**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nFlashSystem 840 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE1 and 9843-AE1. \n \nFlashSystem 900 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE2 and 9843-AE2.\n\n## Remediation/Fixes\n\n_MTMs_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**FlashSystem ****840 MTM: ** \n9840-AE1 & \n9843-AE1 \n \n**FlashSystem 900 MTMs:** \n9840-AE2 & \n9843-AE2| _Code fixes are now available, the minimum VRMF containing the fix depends on the code stream: \n \n___Fixed code VRMF .__ \n_1.4 stream: 1.4.0.10 (or later)_ \n_1.3 stream: 1.3.0.5 (or later)_ \n_1.2 stream: 1.2.1.9 (or later)_| _ __N/A_| _No workarounds or mitigations, other than applying this code fix, are known for this vulnerability_ \n \n** \n**[**_FlashSystem 840 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+840&release=All&platform=All&function=all>)** **and [**_FlashSystem 900 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+900&release=All&platform=All&function=all>)** **are available @ IBM\u2019s Fix Central \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-18T01:45:50", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in the Network Security Services (NSS) affect the IBM FlashSystem models 840 and 900 (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2023-02-18T01:45:50", "id": "690C2F6BB9DF8108C4313BCCC3CCCF4E022A569CF9AD4E03977A2BBC5B434347", "href": "https://www.ibm.com/support/pages/node/691087", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T05:38:32", "description": "## Summary\n\nVulnerabilities in Network Security (NSS) and Netscape Portable Runtime (NSPR) affect the IBM SAN Volume Controller and Storwize Family. Though the CVE descriptions below document the vunerbilities in the context of the Mozilla product, the IBM SAN Volume Controller and Storwize Family of products have resolved the vulnerabilities in the context in which these underlying services (NSS and NSPR) are used by these products.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7181_](<https://vulners.com/cve/CVE-2015-7181>)** \nDESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in the sec_asn1d_parse_leaf() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107814_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107814>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7182_](<https://vulners.com/cve/CVE-2015-7182>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decoding constructed OCTET STRING. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107815_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107815>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7183_](<https://vulners.com/cve/CVE-2015-7183>)** \nDESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an integer overflow in the Netscape Portable Runtime (NSPR) in PL_ARENA_ALLOCATE. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107816_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107816>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \n \nAll products are affected when running supported releases 1.1 to 7.6 except for versions 7.4.0.9, 7.5.0.7, 7.6.0.4, 7.6.1.1 and above.\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code level or higher: \n \n7.4.0.9 \n7.5.0.7 \n7.6.0.4 \n7.6.1.1 \n \n[_Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>)\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-29T01:48:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Network Security (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2015-7181 CVE-2015-7182 CVE-2015-7183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2023-03-29T01:48:02", "id": "60F8FD3FBE1A4D4BF30F7A5A3AA7A8F96F80B2A3894045EF525F4F05711C95E0", "href": "https://www.ibm.com/support/pages/node/691099", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:41:12", "description": "## Summary\n\nIBM SmartCloud Entry is vulnerable to several libxml2 vulnerabilities. Remote attackers can exploit them to consume all available memory resources.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM SmartCloud Entry 2.2.0 through 2.2.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 2.3.0 through 2.3.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 2.4.0 through 2.4.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 17 \nIBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 17\n\n## Remediation/Fixes\n\nProduct\n\n| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nIBM SmartCloud Entry| 2.2| None| IBM SmarctCloud Entry 2.2.0 Appliance fix pack 4: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+Starter+Kit+for+Cloud&release=All&platform=All&function=fixId&fixids=2.2.0.4-IBM-SKC_APPL-FP004&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+Starter+Kit+for+Cloud&release=All&platform=All&function=fixId&fixids=2.2.0.4-IBM-SKC_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 2.3| None| IBM SmartCloud Entry 2.3.0 Appliance fix pack 4: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.3.0.3&platform=All&function=fixId&fixids=2.3.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.3.0.3&platform=All&function=fixId&fixids=2.3.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 2.4| None| IBM SmartCloud Entry 2.4.0 Appliance fix pack 4:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.4.0&platform=All&function=fixId&fixids=2.4.0.3-IBM-SCE_APPL-FP003&includeSupersedes=0>) \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.4.0.3&platform=All&function=fixId&fixids=2.4.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.4.0.3&platform=All&function=fixId&fixids=2.4.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 3.1| None| IBM SmartCloud Entry 3.1.0 Appliance fix pack 18: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=3.1.0.4-IBM-SCE_APPL-FP18&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=3.1.0.4-IBM-SCE_APPL-FP18&includeSupersedes=0>) \nIBM SmartCloud Entry| 3.2| None| IBM SmartCloud Entry 3.2.0 Appliance fix pack 18:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=3.2.0.4&platform=All&function=fixId&fixids=3.2.0.4-IBM-SCE_APPL-FP15&includeSupersedes=0>) \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=+3.2.0.4-IBM-SCE_APPL-FP18+&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=+3.2.0.4-IBM-SCE_APPL-FP18+&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {}, "published": "2020-07-19T00:49:12", "type": "ibm", "title": "Security Bulletin: Libxml2 vulnerabilities affect IBM SmartCloud Entry (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2020-07-19T00:49:12", "id": "2EFA761D58F0D7141C702194752C3FC6082E24B56AF4D50FDDDCE3EADBD675E9", "href": "https://www.ibm.com/support/pages/node/682123", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:51:51", "description": "## Summary\n\nIBM Security Access Manager for Web is affected by a denial of service vulnerability in libxml2. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances, all firmware versions \nIBM Security Access Manager for Web 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances, all firmware versions\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 - 7.0.0.20 (appliances)| IV80986| 1\\. Apply Interim Fix 21: \n[_7.0.0-ISS-WGA-IF0021_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0 - 8.0.1.3| IV80971| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-WGA-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=All&function=all>)** ** \n2\\. Apply 8.0.1.3 Interim Fix 4:[_8.0.1.3-ISS-WGA-IF0004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager| 9.0 - 9.0.0.1| IV80971| 1\\. For 9.0 environments, upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## ", "cvss3": {}, "published": "2018-06-16T21:39:02", "type": "ibm", "title": "Security Bulletin: A libxml vulnerability affects IBM Security Access Manager for Web (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:02", "id": "89257A9062FB5478B817FD1D0B21510D31D1A39427F3EFCD4545A41253582842", "href": "https://www.ibm.com/support/pages/node/539043", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:57:05", "description": "## Summary\n\nIBM DataPower Gateways has addressed a vulnerability in parsing certain XML files that could cause a denial of service.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM DataPower Gateway appliances versions 7.2.0.0, 7.2.0.1 and 7.2.0.2\n\n## Remediation/Fixes\n\nFix is available in version 7.2.0.3. Refer to [APAR IT12605](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT12605>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n_For DataPower customers using versions 5.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:04:54", "type": "ibm", "title": "Security Bulletin: A vulnerability in XML processing affects IBM DataPower Gateways (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-15T07:04:54", "id": "F5F7933E4670518D029E646B3B5F66B6C322058A1D1D30AD54B208AD8D95B0DE", "href": "https://www.ibm.com/support/pages/node/539887", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T01:50:50", "description": "## Summary\n\nThe Libxml library is a development toolbox providing the implementation of various XML standards. A security vulnerability has been discovered in Libxml used with IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.2 \nIBM Security Network Protection 5.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection | Firmware version 5.2| Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013 from [_IBM Fix Central_](<http://www-933.ibm.com/support/fixcentral/>) and upload and install via the Fix Packs page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3| Download Firmware 5.3.1.6 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3| Install Firmware 5.3.2 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-16T21:31:49", "type": "ibm", "title": "Security Bulletin: A vulnerability in Libxml affects IBM Security Network Protection (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:31:49", "id": "ECAE9C428E6921780DCBD019FD8DB249F90FAE52B7CDFC11A8FDE3AB81842108", "href": "https://www.ibm.com/support/pages/node/270005", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T01:52:03", "description": "## Summary\n\nIBM InfoSphere Streams may be vulnerable to a denial of service attack due to the use of Libxml2 (CVE-2015-1819)\n\n## Vulnerability Details\n\n**CVEID:****CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n * * IBM InfoSphere Streams Version 1.2.1.0\n * IBM InfoSphere Streams Version 2.0.0.4 and earlier \n * IBM InfoSphere Streams Version 3.0.0.5 and earlier \n * IBM InfoSphere Streams Version 3.1.0.7 and earlier \n * IBM InfoSphere Streams Version 3.2.1.4 and earlier\n * IBM InfoSphere Streams Version 4.0.1.1 and earlier\n * IBM Streams Version 4.1.1.0 and earlier\n\n## Remediation/Fixes\n\n \nNOTE: Fix Packs are available on IBM Fix Central. \n\n * **Version 4.1.1**:\n * Apply [4.1.1 Fix Pack 1 (4.1.1.1) or higher.](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Streams&release=4.1.1.0&platform=All&function=all>)\n * **Version 4.0.1:**\n * Apply [_4.0.1 Fix Pack 2 (4.0.1.2) or higher_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Streams&release=4.0.1.1&platform=All&function=all>).\n * **Version 3.2.1:**\n * Apply [_3.2.1 Fix Pack 5 (3.2.1.5) or higher_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Streams&release=3.2.1.4&platform=All&function=all>).\n * **Version 3.1.0:**\n * Apply [_3.1 Fix Pack 8 (3.1.0.8) or higher_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Streams&release=3.1.0.7&platform=All&function=all>).\n * **Version 3.0.0:**\n * Apply [_3.0 Fix Pack 6 (3.0.0.6) or higher_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Streams&release=3.0.0.5&platform=All&function=all>). \n * **Versions 1.2 and 2.0:** For version 1.x and 2.x IBM recommends upgrading to a fixed, supported version/release/platform of the product. Customers who cannot upgrade and need to secure their installation should open a PMR with IBM Technical Support and request assistance securing their InfoSphere Streams system against the vulnerabilities identified in this Security Bulletin. \n\n## ", "cvss3": {}, "published": "2018-06-16T13:39:56", "type": "ibm", "title": "Security Bulletin: A vulnerability in XML processing affects IBM InfoSphere Streams (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T13:39:56", "id": "76E57CEF5B52280F24F03546152B520C29370EE8F65604719A437DFC5B9D68FF", "href": "https://www.ibm.com/support/pages/node/275951", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:51:45", "description": "## Summary\n\nVulnerabilities in Open Source libxml2 that is used by IBM Security Identity Governance\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Identity Governance and Intelligence 5.2\n\n## Remediation/Fixes\n\nIBM Security Identity Governance and Intelligence\n\n| 5.2| None| [5.2.0.1-ISS-SIGI-IF0002](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.0.0&platform=Linux&function=all>) \n---|---|---|--- \n \n_For _IBM Security Identity Governance 5.1.0 , IBM Security Identity Governance 5.1.1, _IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## ", "cvss3": {}, "published": "2018-06-16T21:39:51", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Open Source libxml2 affect IBM Security Identity Governance Appliance (CVE-2015-1819 )", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:51", "id": "272A70EAB7832A1CA1419E5AF531A4920BA199872E0D365408A139F34D31075E", "href": "https://www.ibm.com/support/pages/node/542407", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:51:46", "description": "## Summary\n\nIBM Security Access Manager for Mobile is affected by a denial of service vulnerability in libxml2. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<https://vulners.com/cve/CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Mobile 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances, all firmware versions\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Mobile| 8.0 - 8.0.1.3| IV80972| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-ISAM-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \n2\\. Apply 8.0.1.3 Interim Fix 4: \n[8.0.1.3-ISS-ISAM-IF0004 ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0.1.3&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0| IV80971| 1\\. Upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-16T21:39:39", "type": "ibm", "title": "Security Bulletin: A libxml vulnerability affects IBM Security Access Manager for Mobile (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:39", "id": "94ADF9C910A362467000D0DD8590BD5C24E2AED265E1E3B9AB7A109A4D0AF94F", "href": "https://www.ibm.com/support/pages/node/541373", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:39:14", "description": "## Summary\n\nIBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerability in OpenSSH.\n\n## Vulnerability Details\n\n## Summary\n\nIBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerability in OpenSSH.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-5600](<https://vulners.com/cve/CVE-2015-5600>)\n\n**Description:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password.\n\nCVSS Base Score: 4 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/104877> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nIBM BladeCenter Advanced Management Module (AMM) | bpet66n-3.66n \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: \n<http://www.ibm.com/support/fixcentral/>\n\nProduct | Fixed Version \n---|--- \nIBM BladeCenter Advanced Management Module (AMM) \nibm_fw_amm_bpet66p-3.66p_anyos_noarch | bpet66p-3.66p \n \nYou should verify applying this fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide.html>)\n * [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n08 March 2016: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2020-11-02T20:22:51", "type": "ibm", "title": "Security Bulletin: Vulnerability in OpenSSH affects IBM BladeCenter Advanced Management Module (AMM) (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2020-11-02T20:22:51", "id": "52BACDC88952FDDA0E2AD245BFF0C77AD954ADED8187759D72D88112EE7DF7F4", "href": "https://www.ibm.com/support/pages/node/868466", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-02-21T21:53:35", "description": "## Summary\n\nA security vulnerability has been identified in openssh that is contained in the IBM Flex System Manager (FSM). This bulletin addresses the vulnerability.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)** \nDESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nFlex System Manager 1.3.4.x \nFlex System Manager 1.3.3.x \nFlex System Manager 1.3.2.x \nFlex System Manager 1.3.1.x \nFlex System Manager 1.3.0.x \nFlex System Manager 1.2.x.x \nFlex System Manager 1.1.x.x\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM using the instructions referenced in this table. \n \n**Warning**: Agents older than version 6.3.5 must be updated using the Technote listed in these Remediation plans before this FSM fix is installed or you will permanently lose contact with the endpoint with agents older than version 6.3.5 \n \n\n\nProduct| VRMF| APAR| Remediation \n---|---|---|--- \nFlex System Manager| 1.3.4.x| IT12081| Verify the required Java updates have been completed, then install [fsmfix1.3.4.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.4.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of Technote [761981453](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>). \n \nFlex System Manager| 1.3.3.x| IT12081| Verify the required Java updates have been completed, then install [fsmfix1.3.3.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of [](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>)Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>). \n \nFlex System Manager| 1.3.2.x| IT12081| Verify the required Java updates have been completed, then install [fsmfix1.3.2.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of [](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>)Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>). \n \nFlex System Manager| 1.3.1.x| IT12081| IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| 1.3.0.x| IT12081| IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| 1.2.x.x| IT12081| IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| 1.1.x.x| IT12081| IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-18T01:29:44", "type": "ibm", "title": "Security Bulletin: A security vulnerability with openssh affects IBM Flex System Manager (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2018-06-18T01:29:44", "id": "FC6C4426C76B592E968FD3C9EA26406E90FB3C95C30F68EC9CCD547D24485997", "href": "https://www.ibm.com/support/pages/node/681595", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-02-21T01:50:48", "description": "## Summary\n\nA security vulnerability has been discovered in OpenSSH used with IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)** \nDESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.2 \nIBM Security Network Protection 5.3.1 \nIBM Security Network Protection 5.3.2\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection | Firmware version 5.2| Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013 from [_IBM Fix Central_](<http://www-933.ibm.com/support/fixcentral/>) and upload and install via the Fix Packs page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.6 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.2| Install Firmware 5.3.2.1 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-16T21:31:49", "type": "ibm", "title": "Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2018-06-16T21:31:49", "id": "BBAF4A8874B4E6550EACD53B3B3956D87F91956BE43B6AC0570EF1AE5320225C", "href": "https://www.ibm.com/support/pages/node/270015", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-06-05T05:54:58", "description": "## Summary\n\nA security vulnerability has been discovered in OpenSSH used with IBM Security Network Intrusion Prevention System.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)** \nDESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nProducts: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000 \n \nFirmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.2| [_4.6.2.0-ISS-ProvG-AllModels-System-FP0011_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.1| [_4.6.1.0-ISS-ProvG-AllModels-System-FP0015_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6| [_4.6.0.0-ISS-ProvG-AllModels-System-FP0013_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.5| [_4.5.0.0-ISS-ProvG-AllModels-System-FP0015_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.4| [_4.4.0.0-ISS-ProvG-AllModels-System-FP0015_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.3| [_4.3.0.0-ISS-ProvG-AllModels-System-FP0013_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-02-23T19:48:26", "type": "ibm", "title": "Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Intrusion Prevention System (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2022-02-23T19:48:26", "id": "0840225027FABDA459826FFEB2567F962694C590B4289850C4F762651A17B943", "href": "https://www.ibm.com/support/pages/node/270021", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-06-05T05:37:31", "description": "## Summary\n\nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru, QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter have addressed the following CVE.\n\n## Vulnerability Details\n\n## Summary\n\nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter have addressed the following CVE.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-5600](<https://vulners.com/cve/CVE-2015-5600>)\n\n**Description:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password.\n\nCVSS Base Score: 4 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/104877> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru | 9.1 \nQLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module for BladeCenter | 7.10 \nQLogic Virtual Fabric Extension Module for IBM BladeCenter | 9.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru \n(qlgc_fw_flex_9.1.7.01.00_anyos_noarch) | 9.1.7.01.00 \nQLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module for BladeCenter \n(qlgc_fw_bcsw_7.10.1.37.00_anyos_noarch) | 7.10.1.37.00 \nQLogic Virtual Fabric Extension Module for IBM BladeCenter \n(qlgc_fw_bcsw_9.0.3.14.00_anyos_noarch) | 9.0.3.14.0 \n \n## Workarounds and Mitigations:\n\nNone\n\n## References:\n\n * [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide.html>)\n * [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n25 November 2015: Original version published \n17 March 2016: Revised version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru, QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2023-04-14T14:32:25", "id": "EF5B2D0A9632D9FCC8D5F4EF59632AD918EDECF151F6DE1111A719008C90C99A", "href": "https://www.ibm.com/support/pages/node/868202", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-06-05T05:59:56", "description": "## Summary\n\nOpensh is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-5600_](<https://vulners.com/cve/CVE-2015-5600>)** \nDESCRIPTION:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104877_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104877>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\n \nPower HMC V7.3.0.0 \nPower HMC V7.9.0.0 \nPower HMC V8.1.0.0 \nPower HMC V8.2.0.0 \nPower HMC V8.3.0.0 \nPower HMC V8.4.0.0 \n\n## Remediation/Fixes\n\n \n\n\nProduct\n\n| \n\nVRMF\n\n| \n\nAPAR\n\n| \n\nRemediation/Fix \n \n---|---|---|--- \n \nPower HMC\n\n| \n\nV7.7.3.0 SP1\n\n| \n\nMB03972\n\n| \n\n[Apply eFix MH01577](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V7R7.3.0&platform=All&function=all>) \n \nPower HMC\n\n| \n\nV7.7.9.0 SP2\n\n| \n\nMB03974\n\n| \n\n[Apply eFix MH01579](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V7R7.9.0&platform=All&function=all>) \n \nPower HMC\n\n| \n\nV8.8.1.0 SP2\n\n| \n\nMB03975\n\n| \n\n[Apply eFix MH01580](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V8R8.1.0&platform=All&function=all>) \n \nPower HMC\n\n| \n\nV8.8.2.0 SP2\n\n| \n\nMB03976\n\n| \n\n[Apply eFix MH01581](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V8R8.2.0&platform=All&function=all>) \n \nPower HMC\n\n| \n\nV8.8.3.0 SP1\n\n| \n\nMB03977\n\n| \n\n[Apply eFix MH01582](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V8R8.3.0&platform=All&function=all>) \n \nPower HMC\n\n| \n\nV8.8.4.0\n\n| \n\nMH01559\n\n| \n\n[Apply eFix MH01560](<http://www-933.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm/hmc/9100HMC&release=V8R8.4.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2021-09-23T01:31:39", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in openssh affect Power Hardware Management Console (CVE-2015-5600)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2021-09-23T01:31:39", "id": "EDF4B5A27866764F46339E29215E0B00F97C916965ECE1597B9CD93AA0C2F432", "href": "https://www.ibm.com/support/pages/node/666609", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "f5": [{"lastseen": "2017-06-08T00:16:17", "description": "\nF5 Product Development has assigned ID 556383 (BIG-IP), ID 561855 (BIG-IQ), and ID 561858 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP AAM| 12.0.0 \n11.6.0 \n11.4.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP AFM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP Analytics| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP APM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP ASM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP DNS| 12.0.0| 12.1.0| Medium| NSS libraries \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| NSS libraries \nBIG-IP GTM| 11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP Link Controller| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP PEM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Medium| NSS libraries \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Medium| NSS libraries \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| NSS libraries \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| NSS libraries \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Medium| NSS libraries \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| NSS libraries \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| NSS libraries \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| NSS libraries \nBIG-IQ ADC| 4.5.0| None| Medium| NSS libraries \nBIG-IQ Centralized Management| 4.6.0| None| Medium| NSS libraries \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Medium| NSS libraries \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity **values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network and limit shell access to trusted users. For more information about securing access to the BIG-IP or Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {}, "published": "2015-12-09T20:46:00", "type": "f5", "title": "Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2016-05-24T01:48:00", "id": "F5:K31372672", "href": "https://support.f5.com/csp/article/K31372672", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:49:02", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity **values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network and limit shell access to trusted users. For more information about securing access to the BIG-IP or Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "f5", "title": "SOL31372672 - Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2016-05-23T00:00:00", "id": "SOL31372672", "href": "http://support.f5.com/kb/en-us/solutions/public/k/31/sol31372672.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:45:06", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists. \n \nF5 responds to vulnerabilities in accordance with the **Severity **values published in the previous table. The **Severity **values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit management access to F5 products only over a secure network and limit shell access to trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system. In addition, secure the BIG-IP system from unwanted connection attempts by controlling the level of access to each self IP address defined on the system. For more information, refer to SOL13250: Overview of port lockdown behavior (10.x - 11.x).\n\nSupplemental Information\n\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL17329: BIG-IP GTM name has changed to BIG-IP DNS\n * SOL11719: Mitigating risk from SSH brute force login attacks\n", "cvss3": {}, "published": "2015-08-14T00:00:00", "type": "f5", "title": "SOL17113 - OpenSSH vulnerability CVE-2015-5600", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2016-06-09T00:00:00", "id": "SOL17113", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/100/sol17113.html", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:COMPLETE/"}}, {"lastseen": "2023-06-05T08:50:29", "description": "The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. ([CVE-2015-5600](<https://vulners.com/cve/CVE-2015-5600>))\n\nImpact\n\nRemote attackers may be able to conduct brute-force attacks or cause a denial-of-service (DoS) by way of the ssh -oKbdInteractiveDevices option.\n", "cvss3": {}, "published": "2015-08-14T17:16:00", "type": "f5", "title": "OpenSSH vulnerability CVE-2015-5600", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2018-09-21T20:59:00", "id": "F5:K17113", "href": "https://support.f5.com/csp/article/K17113", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "veracode": [{"lastseen": "2023-04-18T13:17:38", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter. All nss and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n", "cvss3": {}, "published": "2019-05-02T05:43:35", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2022-04-19T18:13:53", "id": "VERACODE:17494", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-17494/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:17:42", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter. All nss and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-02T05:43:34", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2022-04-19T18:16:51", "id": "VERACODE:17493", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-17493/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:22:25", "description": "nss is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.\n", "cvss3": {}, "published": "2019-01-15T09:08:13", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181"], "modified": "2019-05-15T06:18:15", "id": "VERACODE:11834", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11834/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:57:57", "description": "Nokogiri versions before 1.6.6.4 contain a vulnerable version of libxml2 as a C extension. The vulnerability allows for memory consumption denial of service.\n", "cvss3": {}, "published": "2019-01-15T09:06:40", "type": "veracode", "title": "Denial Of Service (DoS) Memory Consumption", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2019-12-27T18:25:46", "id": "VERACODE:11718", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11718/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-18T13:12:28", "description": "openssh uses an insecure authentication. It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks.\n", "cvss3": {}, "published": "2019-01-15T09:10:32", "type": "veracode", "title": "Insecure Authentication", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600"], "modified": "2022-12-13T13:43:51", "id": "VERACODE:11974", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11974/summary", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "redhat": [{"lastseen": "2023-05-26T02:21:32", "description": "Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-04T00:00:00", "type": "redhat", "title": "(RHSA-2015:1980) Critical: nss and nspr security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2017-09-08T07:54:45", "id": "RHSA-2015:1980", "href": "https://access.redhat.com/errata/RHSA-2015:1980", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Network Security Services (NSS) is a set of libraries designed to support \nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities. \n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler, and Ryan Sleevi as the\noriginal reporters.\n\nAll nss, nss-util, and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-18T00:00:00", "type": "redhat", "title": "(RHSA-2015:2068) Critical: nss, nss-util, and nspr security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2016-09-03T22:18:37", "id": "RHSA-2015:2068", "href": "https://access.redhat.com/errata/RHSA-2015:2068", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Network Security Services (NSS) is a set of libraries designed to support \ncross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities. \n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in\nthe way NSS parsed certain ASN.1 structures. An attacker could use these\nflaws to cause NSS to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSS library.\n(CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this\nflaw to cause NSPR to crash or execute arbitrary code with the permissions\nof the user running an application compiled against the NSPR library.\n(CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed\nnspr packages to completely resolve the CVE-2015-7183 issue. This erratum\nincludes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the\noriginal reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-04T00:00:00", "type": "redhat", "title": "(RHSA-2015:1981) Critical: nss, nss-util, and nspr security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-06-06T16:24:04", "id": "RHSA-2015:1981", "href": "https://access.redhat.com/errata/RHSA-2015:1981", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T02:21:32", "description": "The libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed\ncertain XML files. An attacker could provide a specially crafted XML file\nthat, when parsed by an application using libxml2, could cause that\napplication to use an excessive amount of memory. (CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug:\n\nThis update fixes an error that occurred when running a test case for the\nserialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\n", "cvss3": {}, "published": "2015-07-22T00:00:00", "type": "redhat", "title": "(RHSA-2015:1419) Low: libxml2 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-06T16:24:21", "id": "RHSA-2015:1419", "href": "https://access.redhat.com/errata/RHSA-2015:1419", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-26T02:21:31", "description": "OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation.\nThese packages include the core files necessary for both the OpenSSH client\nand server.\n\nIt was discovered that the OpenSSH server did not sanitize data received\nin requests to enable X11 forwarding. An authenticated client with\nrestricted SSH access could possibly use this flaw to bypass intended\nrestrictions. (CVE-2016-3115)\n\nIt was discovered that the OpenSSH sshd daemon did not check the list of\nkeyboard-interactive authentication methods for duplicates. A remote\nattacker could use this flaw to bypass the MaxAuthTries limit, making it\neasier to perform password guessing attacks. (CVE-2015-5600)\n\nAll openssh users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the OpenSSH server daemon (sshd) will be restarted automatically.\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.4, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 2.7}, "published": "2016-03-21T00:00:00", "type": "redhat", "title": "(RHSA-2016:0466) Moderate: openssh security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5600", "CVE-2016-3115"], "modified": "2018-06-06T16:24:20", "id": "RHSA-2016:0466", "href": "https://access.redhat.com/errata/RHSA-2016:0466", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:17:32", "description": "Updated nss, nss-util, and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 and 6.4 Advanced Update Support, and Red Hat Enterprise Linux 6.5 and 6.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler, and Ryan Sleevi as the original reporters.\n\nAll nss, nss-util, and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-18T00:00:00", "type": "nessus", "title": "RHEL 6 : nss, nss-util, and nspr (RHSA-2015:2068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "p-cpe:/a:redhat:enterprise_linux:nss-util", "p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-util-devel", "cpe:/o:redhat:enterprise_linux:6.2", "cpe:/o:redhat:enterprise_linux:6.4", "cpe:/o:redhat:enterprise_linux:6.5", "cpe:/o:redhat:enterprise_linux:6.6"], "id": "REDHAT-RHSA-2015-2068.NASL", "href": "https://www.tenable.com/plugins/nessus/86910", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2068. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86910);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:2068\");\n\n script_name(english:\"RHEL 6 : nss, nss-util, and nspr (RHSA-2015:2068)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss, nss-util, and nspr packages that fix three security\nissues are now available for Red Hat Enterprise Linux 6.2 and 6.4\nAdvanced Update Support, and Red Hat Enterprise Linux 6.5 and 6.6\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler, and Ryan\nSleevi as the original reporters.\n\nAll nss, nss-util, and nspr users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7181\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6\\.2|6\\.4|6\\.5|6\\.6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.2 / 6.4 / 6.5 / 6.6\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2068\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{ sp = get_kb_item(\"Host/RedHat/minor_release\");\n if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\n\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nspr-4.10.8-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nspr-4.10.6-2.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nspr-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nspr-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nspr-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nspr-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nspr-debuginfo-4.10.8-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nspr-debuginfo-4.10.6-2.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nspr-debuginfo-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nspr-debuginfo-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nspr-debuginfo-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nspr-debuginfo-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nspr-devel-4.10.8-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nspr-devel-4.10.6-2.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nspr-devel-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nspr-devel-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nspr-devel-4.9.5-5.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nspr-devel-4.8.9-6.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-debuginfo-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-debuginfo-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-debuginfo-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-debuginfo-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-debuginfo-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-debuginfo-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-devel-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-devel-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-devel-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-devel-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-devel-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-devel-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-pkcs11-devel-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-pkcs11-devel-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-pkcs11-devel-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-pkcs11-devel-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"i686\", reference:\"nss-sysinit-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"nss-sysinit-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"s390x\", reference:\"nss-sysinit-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"nss-sysinit-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-sysinit-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-sysinit-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"nss-sysinit-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"i686\", reference:\"nss-tools-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"nss-tools-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"s390x\", reference:\"nss-tools-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"nss-tools-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-4.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-tools-3.14.3-9.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-tools-3.13.1-12.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"nss-tools-3.16.1-9.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-util-3.19.1-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-util-3.16.1-3.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-util-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-util-3.13.1-9.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-util-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-util-3.13.1-9.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-util-debuginfo-3.19.1-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-util-debuginfo-3.16.1-3.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-util-debuginfo-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-util-debuginfo-3.13.1-9.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-util-debuginfo-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-util-debuginfo-3.13.1-9.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", reference:\"nss-util-devel-3.19.1-2.el6_6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"nss-util-devel-3.16.1-3.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"nss-util-devel-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"nss-util-devel-3.13.1-9.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"nss-util-devel-3.14.3-7.el6_4\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-util-devel-3.13.1-9.el6_2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:29", "description": "Updated nss, nss-util, and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : nss, nss-util, and nspr (RHSA-2015:1981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "p-cpe:/a:redhat:enterprise_linux:nss-util", "p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-util-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1981.NASL", "href": "https://www.tenable.com/plugins/nessus/86745", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1981. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86745);\n script_version(\"2.20\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1981\");\n\n script_name(english:\"RHEL 6 / 7 : nss, nss-util, and nspr (RHSA-2015:1981)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss, nss-util, and nspr packages that fix three security\nissues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7181\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1981\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-4.10.8-2.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-debuginfo-4.10.8-2.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-devel-4.10.8-2.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-debuginfo-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-devel-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-pkcs11-devel-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-sysinit-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-sysinit-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-tools-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-tools-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-3.19.1-2.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-debuginfo-3.19.1-2.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-devel-3.19.1-2.el6_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-4.10.8-2.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-debuginfo-4.10.8-2.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-devel-4.10.8-2.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-debuginfo-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-devel-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-pkcs11-devel-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-sysinit-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-tools-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-7.el7_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-3.19.1-4.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-debuginfo-3.19.1-4.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-devel-3.19.1-4.el7_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:38", "description": "From Red Hat Security Advisory 2015:1981 :\n\nUpdated nss, nss-util, and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : nspr / nss / nss-util (ELSA-2015-1981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nspr", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-sysinit", "p-cpe:/a:oracle:linux:nss-tools", "p-cpe:/a:oracle:linux:nss-util", "p-cpe:/a:oracle:linux:nss-util-devel", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1981.NASL", "href": "https://www.tenable.com/plugins/nessus/86742", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1981 and \n# Oracle Linux Security Advisory ELSA-2015-1981 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86742);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1981\");\n\n script_name(english:\"Oracle Linux 6 / 7 : nspr / nss / nss-util (ELSA-2015-1981)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1981 :\n\nUpdated nss, nss-util, and nspr packages that fix three security\nissues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005490.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005494.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr, nss and / or nss-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"nspr-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nspr-devel-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-devel-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-pkcs11-devel-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-sysinit-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-tools-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-util-3.19.1-2.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-util-devel-3.19.1-2.el6_7\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nspr-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nspr-devel-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-3.19.1-7.0.1.el7_1.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-devel-3.19.1-7.0.1.el7_1.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.19.1-7.0.1.el7_1.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-7.0.1.el7_1.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-7.0.1.el7_1.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-util-3.19.1-4.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-util-devel-3.19.1-4.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:50", "description": "Updated nss, nss-util, and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "CentOS 6 / 7 : nspr / nss / nss-util (CESA-2015:1981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nspr", "p-cpe:/a:centos:centos:nspr-devel", "p-cpe:/a:centos:centos:nss", "p-cpe:/a:centos:centos:nss-devel", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-sysinit", "p-cpe:/a:centos:centos:nss-tools", "p-cpe:/a:centos:centos:nss-util", "p-cpe:/a:centos:centos:nss-util-devel", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1981.NASL", "href": "https://www.tenable.com/plugins/nessus/86725", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1981 and \n# CentOS Errata and Security Advisory 2015:1981 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86725);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1981\");\n\n script_name(english:\"CentOS 6 / 7 : nspr / nss / nss-util (CESA-2015:1981)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss, nss-util, and nspr packages that fix three security\nissues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss, nss-util and nspr users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021464.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a95ae164\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021465.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8c189a3\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021466.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ffcef4e8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?da1bd2af\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021469.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12ccec10\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021470.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?615a02fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr, nss and / or nss-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7181\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"nspr-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nspr-devel-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-devel-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-pkcs11-devel-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-sysinit-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-tools-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-util-3.19.1-2.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-util-devel-3.19.1-2.el6_7\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nspr-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nspr-devel-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-devel-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-util-3.19.1-4.el7_1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-util-devel-3.19.1-4.el7_1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:51", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\nnspr\n\n - Resolves: Bug 1269360 - (CVE-2015-7183)\n\n - nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash (under ASAN), potential memory corruption\n\nnss\n\n - Added nss-vendor.patch to change vendor\n\n - Rebuild against updated NSPR\n\n - Sync up with the rhel-6.6 branch\n\n - Resolves: Bug 1224450\n\nnss-util\n\n - Resolves: Bug 1269355 - CVE-2015-7182 (CVE-2015-7181)", "cvss3": {}, "published": "2015-11-06T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : nss / nss-util,nspr (OVMSA-2015-0145)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:nspr", "p-cpe:/a:oracle:vm:nss", "p-cpe:/a:oracle:vm:nss-sysinit", "p-cpe:/a:oracle:vm:nss-tools", "p-cpe:/a:oracle:vm:nss-util", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0145.NASL", "href": "https://www.tenable.com/plugins/nessus/86782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0145.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86782);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n\n script_name(english:\"OracleVM 3.3 : nss / nss-util,nspr (OVMSA-2015-0145)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\nnspr\n\n - Resolves: Bug 1269360 - (CVE-2015-7183)\n\n - nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead\n to crash (under ASAN), potential memory corruption\n\nnss\n\n - Added nss-vendor.patch to change vendor\n\n - Rebuild against updated NSPR\n\n - Sync up with the rhel-6.6 branch\n\n - Resolves: Bug 1224450\n\nnss-util\n\n - Resolves: Bug 1269355 - CVE-2015-7182 (CVE-2015-7181)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-November/000376.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?999c4621\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"nspr-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"nss-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"nss-sysinit-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"nss-tools-3.19.1-5.0.1.el6_7\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"nss-util-3.19.1-2.el6_7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nss / nss-sysinit / nss-tools / nss-util\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:51", "description": "From Red Hat Security Advisory 2015:1980 :\n\nUpdated nss and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : nspr / nss (ELSA-2015-1980)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nspr", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-tools", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2015-1980.NASL", "href": "https://www.tenable.com/plugins/nessus/86741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1980 and \n# Oracle Linux Security Advisory ELSA-2015-1980 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86741);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1980\");\n\n script_name(english:\"Oracle Linux 5 : nspr / nss (ELSA-2015-1980)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1980 :\n\nUpdated nss and nspr packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005492.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr and / or nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"nspr-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nspr-devel-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-pkcs11-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:38", "description": "A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nss, nss-util, and nspr on SL6.x, SL7.x i386/x86_64 (20151104)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:nspr", "p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nspr-devel", "p-cpe:/a:fermilab:scientific_linux:nss", "p-cpe:/a:fermilab:scientific_linux:nss-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-devel", "p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel", "p-cpe:/a:fermilab:scientific_linux:nss-sysinit", "p-cpe:/a:fermilab:scientific_linux:nss-tools", "p-cpe:/a:fermilab:scientific_linux:nss-util", "p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-util-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151104_NSS__NSS_UTIL__AND_NSPR_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/86750", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86750);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n\n script_name(english:\"Scientific Linux Security Update : nss, nss-util, and nspr on SL6.x, SL7.x i386/x86_64 (20151104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=1275\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea75e3d9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"nspr-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nspr-debuginfo-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nspr-devel-4.10.8-2.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-debuginfo-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-devel-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-pkcs11-devel-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-sysinit-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-tools-3.19.1-5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-3.19.1-2.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-debuginfo-3.19.1-2.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-devel-3.19.1-2.el6_7\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-debuginfo-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-devel-4.10.8-2.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-debuginfo-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-devel-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-7.el7_1.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-3.19.1-4.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-debuginfo-3.19.1-4.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-devel-3.19.1-4.el7_1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:56", "description": "Updated nss and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "CentOS 5 : nspr / nss (CESA-2015:1980)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nspr", "p-cpe:/a:centos:centos:nspr-devel", "p-cpe:/a:centos:centos:nss", "p-cpe:/a:centos:centos:nss-devel", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-tools", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2015-1980.NASL", "href": "https://www.tenable.com/plugins/nessus/86724", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1980 and \n# CentOS Errata and Security Advisory 2015:1980 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86724);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1980\");\n\n script_name(english:\"CentOS 5 : nspr / nss (CESA-2015:1980)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss and nspr packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021472.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bd8222b0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-November/021473.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4152c51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr and / or nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7181\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"nspr-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nspr-devel-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-pkcs11-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:56", "description": "A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20151104)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:nspr", "p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nspr-devel", "p-cpe:/a:fermilab:scientific_linux:nss", "p-cpe:/a:fermilab:scientific_linux:nss-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-devel", "p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel", "p-cpe:/a:fermilab:scientific_linux:nss-tools", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151104_NSS_AND_NSPR_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/86751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86751);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n\n script_name(english:\"Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20151104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=79\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6ce5155\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"nspr-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nspr-debuginfo-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nspr-devel-4.10.8-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-debuginfo-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-pkcs11-devel-3.19.1-2.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:56", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181 , CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.", "cvss3": {}, "published": "2015-11-06T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : nspr / nss-util,nss,jss (ALAS-2015-608)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:jss", "p-cpe:/a:amazon:linux:jss-debuginfo", "p-cpe:/a:amazon:linux:jss-javadoc", "p-cpe:/a:amazon:linux:nspr", "p-cpe:/a:amazon:linux:nspr-debuginfo", "p-cpe:/a:amazon:linux:nspr-devel", "p-cpe:/a:amazon:linux:nss", "p-cpe:/a:amazon:linux:nss-debuginfo", "p-cpe:/a:amazon:linux:nss-devel", "p-cpe:/a:amazon:linux:nss-pkcs11-devel", "p-cpe:/a:amazon:linux:nss-sysinit", "p-cpe:/a:amazon:linux:nss-tools", "p-cpe:/a:amazon:linux:nss-util", "p-cpe:/a:amazon:linux:nss-util-debuginfo", "p-cpe:/a:amazon:linux:nss-util-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-608.NASL", "href": "https://www.tenable.com/plugins/nessus/86770", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-608.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86770);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"ALAS\", value:\"2015-608\");\n script_xref(name:\"RHSA\", value:\"2015:1981\");\n\n script_name(english:\"Amazon Linux AMI : nspr / nss-util,nss,jss (ALAS-2015-608)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Network Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181 , CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nNote: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,\nPL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the\nfixed nspr packages to completely resolve the CVE-2015-7183 issue.\nThis erratum includes nss and nss-utils packages rebuilt against the\nfixed nspr version.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-608.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update nspr' to update your system.\n\nRun 'yum update nss-util' to update your system.\n\nRun 'yum update nss' to update your system.\n\nRun 'yum update jss' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jss-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"jss-4.2.6-35.17.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jss-debuginfo-4.2.6-35.17.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jss-javadoc-4.2.6-35.17.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nspr-4.10.8-2.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nspr-debuginfo-4.10.8-2.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nspr-devel-4.10.8-2.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-debuginfo-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-devel-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-pkcs11-devel-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-sysinit-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-tools-3.19.1-7.74.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-3.19.1-4.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-debuginfo-3.19.1-4.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-devel-3.19.1-4.47.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jss / jss-debuginfo / jss-javadoc / nspr / nspr-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:29", "description": "New mozilla-nss packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.", "cvss3": {}, "published": "2015-11-09T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : mozilla-nss (SSA:2015-310-02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:mozilla-nss", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-310-02.NASL", "href": "https://www.tenable.com/plugins/nessus/86792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-310-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86792);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"SSA\", value:\"2015-310-02\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : mozilla-nss (SSA:2015-310-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New mozilla-nss packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6df945af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mozilla-nss package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"mozilla-nss\", pkgver:\"3.20.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:28", "description": "Updated nss and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2015-11-04T00:00:00", "type": "nessus", "title": "RHEL 5 : nss and nspr (RHSA-2015:1980)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2015-1980.NASL", "href": "https://www.tenable.com/plugins/nessus/86719", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1980. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86719);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n script_xref(name:\"RHSA\", value:\"2015:1980\");\n\n script_name(english:\"RHEL 5 : nss and nspr (RHSA-2015:1980)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss and nspr packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA use-after-poison flaw and a heap-based buffer overflow flaw were\nfound in the way NSS parsed certain ASN.1 structures. An attacker\ncould use these flaws to cause NSS to crash or execute arbitrary code\nwith the permissions of the user running an application compiled\nagainst the NSS library. (CVE-2015-7181, CVE-2015-7182)\n\nA heap-based buffer overflow was found in NSPR. An attacker could use\nthis flaw to cause NSPR to crash or execute arbitrary code with the\npermissions of the user running an application compiled against the\nNSPR library. (CVE-2015-7183)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Tyson Smith, David Keeler and Ryan\nSleevi as the original reporter.\n\nAll nss and nspr users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7181\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1980\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"nspr-4.10.8-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nspr-debuginfo-4.10.8-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nspr-devel-4.10.8-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nss-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nss-debuginfo-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nss-devel-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nss-pkcs11-devel-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nss-tools-3.19.1-2.el5_11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:17", "description": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a 'use-after-poison' issue", "cvss3": {}, "published": "2016-02-19T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Mozilla NSS vulnerabilities (SOL31372672)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL31372672.NASL", "href": "https://www.tenable.com/plugins/nessus/88849", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL31372672.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88849);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\");\n\n script_name(english:\"F5 Networks BIG-IP : Mozilla NSS vulnerabilities (SOL31372672)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The sec_asn1d_parse_leaf function in Mozilla Network Security Services\n(NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox\nbefore 42.0 and Firefox ESR 38.x before 38.4 and other products,\nimproperly restricts access to an unspecified data structure, which\nallows remote attackers to cause a denial of service (application\ncrash) or possibly execute arbitrary code via crafted OCTET STRING\ndata, related to a 'use-after-poison' issue\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K31372672\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL31372672.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL31372672\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.3.0-11.5.3\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.4.0-11.5.3\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.3.0-11.5.3\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.6.1\",\"11.5.4\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:29", "description": "Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : nss vulnerabilities (USN-2791-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnss3", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2791-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2791-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86760);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\");\n script_xref(name:\"USN\", value:\"2791-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : nss vulnerabilities (USN-2791-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tyson Smith and David Keeler discovered that NSS incorrectly handled\ndecoding certain ASN.1 data. An remote attacker could use this issue\nto cause NSS to crash, resulting in a denial of service, or possibly\nexecute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2791-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libnss3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libnss3\", pkgver:\"3.19.2.1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libnss3\", pkgver:\"2:3.19.2.1-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libnss3\", pkgver:\"2:3.19.2.1-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libnss3\", pkgver:\"2:3.19.2.1-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:01", "description": "Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. The Common Vulnerabilities and Exposures project identifies the following problems :\n\nCVE-2015-7181\n\nThe sec_asn1d_parse_leaf function improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a 'use-after-poison' issue.\n\nCVE-2015-7182\n\nA Heap-based buffer overflow in the ASN.1 decoder allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 3.12.8-1+squeeze13.\n\nWe recommend that you upgrade your nss packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "Debian DLA-354-1 : nss security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss3-1d", "p-cpe:/a:debian:debian_linux:libnss3-1d-dbg", "p-cpe:/a:debian:debian_linux:libnss3-dev", "p-cpe:/a:debian:debian_linux:libnss3-tools", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-354.NASL", "href": "https://www.tenable.com/plugins/nessus/87075", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-354-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87075);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\");\n\n script_name(english:\"Debian DLA-354-1 : nss security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in nss, the Mozilla\nNetwork Security Service library. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\nCVE-2015-7181\n\nThe sec_asn1d_parse_leaf function improperly restricts access to an\nunspecified data structure, which allows remote attackers to cause a\ndenial of service (application crash) or possibly execute arbitrary\ncode via crafted OCTET STRING data, related to a 'use-after-poison'\nissue.\n\nCVE-2015-7182\n\nA Heap-based buffer overflow in the ASN.1 decoder allows remote\nattackers to cause a denial of service (application crash) or possibly\nexecute arbitrary code via crafted OCTET STRING data.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 3.12.8-1+squeeze13.\n\nWe recommend that you upgrade your nss packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/11/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/nss\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-1d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-1d\", reference:\"3.12.8-1+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-1d-dbg\", reference:\"3.12.8-1+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-dev\", reference:\"3.12.8-1+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-tools\", reference:\"3.12.8-1+squeeze13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:06", "description": "It was discovered that incorrect memory allocation in the NetScape Portable Runtime library might result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "Debian DSA-3406-1 : nspr - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:nspr", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3406.NASL", "href": "https://www.tenable.com/plugins/nessus/87079", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3406. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87079);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7183\");\n script_xref(name:\"DSA\", value:\"3406\");\n\n script_name(english:\"Debian DSA-3406-1 : nspr - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that incorrect memory allocation in the NetScape\nPortable Runtime library might result in denial of service or the\nexecution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/nspr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/nspr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3406\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the nspr packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 2:4.9.2-1+deb7u3.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.10.7-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libnspr4\", reference:\"2:4.9.2-1+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnspr4-0d\", reference:\"2:4.9.2-1+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnspr4-dbg\", reference:\"2:4.9.2-1+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnspr4-dev\", reference:\"2:4.9.2-1+deb7u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnspr4\", reference:\"2:4.10.7-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnspr4-0d\", reference:\"2:4.10.7-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnspr4-dbg\", reference:\"2:4.10.7-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnspr4-dev\", reference:\"2:4.10.7-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:46", "description": "Ryan Sleevi discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : nspr vulnerability (USN-2790-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnspr4", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2790-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86759", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2790-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86759);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7183\");\n script_xref(name:\"USN\", value:\"2790-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : nspr vulnerability (USN-2790-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ryan Sleevi discovered that NSPR incorrectly handled memory\nallocation. A remote attacker could use this issue to cause NSPR to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2790-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libnspr4 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libnspr4\", pkgver:\"4.10.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libnspr4\", pkgver:\"2:4.10.10-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libnspr4\", pkgver:\"2:4.10.10-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libnspr4\", pkgver:\"2:4.10.10-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnspr4\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:33", "description": "Google security engineer Ryan Sleevi found a vulnerability in the NetScape Portable Runtime Library (NSPR). NSPR allocated memory without specific checks, making it possible for remote attackers to cause a Denial of Service or execute arbitrary code.\n\nFor Debian 6 'Squeeze', this issue have been fixed in nspr version 4.8.6-1+squeeze3. We recommend that you upgrade your nspr packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to apply these updates at: https://wiki.debian.org/LTS/\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-20T00:00:00", "type": "nessus", "title": "Debian DLA-344-1 : nspr security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7183"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnspr4-0d", "p-cpe:/a:debian:debian_linux:libnspr4-0d-dbg", "p-cpe:/a:debian:debian_linux:libnspr4-dev", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-344.NASL", "href": "https://www.tenable.com/plugins/nessus/86952", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-344-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86952);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7183\");\n\n script_name(english:\"Debian DLA-344-1 : nspr security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google security engineer Ryan Sleevi found a vulnerability in the\nNetScape Portable Runtime Library (NSPR). NSPR allocated memory\nwithout specific checks, making it possible for remote attackers to\ncause a Denial of Service or execute arbitrary code.\n\nFor Debian 6 'Squeeze', this issue have been fixed in nspr version\n4.8.6-1+squeeze3. We recommend that you upgrade your nspr packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/11/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/nspr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.debian.org/LTS/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnspr4-0d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnspr4-0d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnspr4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libnspr4-0d\", reference:\"4.8.6-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnspr4-0d-dbg\", reference:\"4.8.6-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnspr4-dev\", reference:\"4.8.6-1+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:13", "description": "According to its self-reported version, the Oracle GlassFish Server running on the remote host is 2.1.1.x prior to 2.1.1.27. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security Services (NSS) library. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service or to execute arbitrary code.", "cvss3": {}, "published": "2016-04-22T00:00:00", "type": "nessus", "title": "Oracle GlassFish Server 2.1.1.x < 2.1.1.27 NSS ASN.1 Decoder RCE (April 2016 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7182"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:oracle:glassfish_server"], "id": "GLASSFISH_CPU_APR_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/90681", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90681);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\"CVE-2015-7182\");\n script_bugtraq_id(77416);\n\n script_name(english:\"Oracle GlassFish Server 2.1.1.x < 2.1.1.27 NSS ASN.1 Decoder RCE (April 2016 CPU)\");\n script_summary(english:\"Checks the version of Oracle GlassFish.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a remote code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle GlassFish Server\nrunning on the remote host is 2.1.1.x prior to 2.1.1.27. It is,\ntherefore, affected by a heap buffer overflow condition in the ASN.1\ndecoder in the Network Security Services (NSS) library. A remote\nattacker can exploit this, via crafted OCTET STRING data, to cause a\ndenial of service or to execute arbitrary code.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffb7b96f\");\n # https://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?56572c1f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle GlassFish Server version 2.1.1.27 or later as\nreferenced in the April 2016 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7182\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:glassfish_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"glassfish_detect.nasl\");\n script_require_keys(\"www/glassfish\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"glassfish.inc\");\n\n#\n# Main\n#\n\n# Check for GlassFish\nget_kb_item_or_exit('www/glassfish');\n\nport = get_glassfish_port(default:8080);\n\n# Get the version number out of the KB.\nver = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/version\");\nbanner = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/source\");\npristine = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/version/pristine\");\n\n# Set appropriate fixed versions.\nif (ver =~ \"^2\\.1\\.1(\\.|$)\") fix = \"2.1.1.27\";\nelse fix = NULL;\n\nif (!isnull(fix) && ver_compare(ver:ver, fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + pristine +\n '\\n Fixed version : ' + fix +\n '\\n';\n\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Oracle GlassFish\", port, pristine);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:12", "description": "According to its self-reported version, the Oracle iPlanet Web Proxy Server (formerly known as Sun Java System Web Proxy Server) installed on the remote host is version 4.0.x prior to 4.0.27. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security Services (NSS) library. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service or to execute arbitrary code.", "cvss3": {}, "published": "2016-04-21T00:00:00", "type": "nessus", "title": "Oracle iPlanet Web Proxy Server 4.0.x < 4.0.27 NSS ASN.1 Decoder RCE (April 2016 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7182"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:oracle:iplanet_web_proxy_server", "cpe:/a:mozilla:network_security_services"], "id": "IPLANET_WEB_PROXY_4_0_27.NASL", "href": "https://www.tenable.com/plugins/nessus/90627", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90627);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\"CVE-2015-7182\");\n script_bugtraq_id(77416);\n\n script_name(english:\"Oracle iPlanet Web Proxy Server 4.0.x < 4.0.27 NSS ASN.1 Decoder RCE (April 2016 CPU)\");\n script_summary(english:\"Checks the proxyd.exe product version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web proxy server is affected by a remote code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle iPlanet Web Proxy\nServer (formerly known as Sun Java System Web Proxy Server) installed \non the remote host is version 4.0.x prior to 4.0.27. It is, therefore, \naffected by a heap buffer overflow condition in the ASN.1 decoder in\nthe Network Security Services (NSS) library. A remote attacker can\nexploit this, via crafted OCTET STRING data, to cause a denial of\nservice or to execute arbitrary code.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffb7b96f\");\n # https://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?56572c1f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle iPlanet Web Proxy Server version 4.0.27 or later as\nreferenced in the April 2016 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7182\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:iplanet_web_proxy_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:network_security_services\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"iplanet_web_proxy_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle iPlanet Web Proxy Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = 'Oracle iPlanet Web Proxy Server';\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\nfixed_version = '4.0.27';\nmin_version = '4.0';\n\nif (\n ver_compare(ver:version, fix:min_version, strict:FALSE) >= 0 &&\n ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n report = report_items_str(\n report_items:make_array(\n \"Path\", path,\n \"Installed version\", version,\n \"Fixed version\", fixed_version\n ),\n ordered_fields:make_list(\"Path\", \"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:11", "description": "According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.23. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security Services (NSS) library. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service or to execute arbitrary code.", "cvss3": {}, "published": "2016-04-21T00:00:00", "type": "nessus", "title": "Oracle iPlanet Web Server 7.0.x < 7.0.23 NSS ASN.1 Decoder RCE (April 2016 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7182"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:oracle:iplanet_web_server", "cpe:/a:mozilla:network_security_services"], "id": "SUN_JAVA_WEB_SERVER_7_0_23.NASL", "href": "https://www.tenable.com/plugins/nessus/90628", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90628);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\"CVE-2015-7182\");\n script_bugtraq_id(77416);\n\n script_name(english:\"Oracle iPlanet Web Server 7.0.x < 7.0.23 NSS ASN.1 Decoder RCE (April 2016 CPU)\");\n script_summary(english:\"Checks the version in the admin console.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a remote code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle iPlanet Web Server\n(formerly known as Sun Java System Web Server) running on the remote \nhost is 7.0.x prior to 7.0.23. It is, therefore, affected by a heap\nbuffer overflow condition in the ASN.1 decoder in the Network Security\nServices (NSS) library. A remote attacker can exploit this, via\ncrafted OCTET STRING data, to cause a denial of service or to execute\narbitrary code.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffb7b96f\");\n # https://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?56572c1f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle iPlanet Web Server version 7.0.23 or later as\nreferenced in the April 2016 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7182\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:iplanet_web_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:network_security_services\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_iplanet_web_server_detect.nbin\");\n script_require_keys(\"installed_sw/Oracle iPlanet Web Server\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"http.inc\");\n\napp_name = \"Oracle iPlanet Web Server\";\nport = get_http_port(default:8989);\n\ninstall = get_single_install(app_name:app_name, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\n\nfix = \"7.0.23\";\nmin = \"7.0\";\n\n# Affected 7.0.x < 7.0.23\nif (\n ver_compare(ver:version, fix:min, strict:FALSE) >= 0 &&\n ver_compare(ver:version, fix:fix, strict:FALSE) == -1\n)\n{\n report = report_items_str(\n report_items:make_array(\n \"Installed version\", version,\n \"Fixed version\", fix\n ),\n ordered_fields:make_list(\"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:49", "description": "Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-23T00:00:00", "type": "nessus", "title": "RHEL 6 : libxml2 (RHSA-2015:1419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/84945", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1419. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84945);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"RHEL 6 : libxml2 (RHSA-2015:1419)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1819\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1419\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:15:59", "description": "Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-28T00:00:00", "type": "nessus", "title": "CentOS 6 : libxml2 (CESA-2015:1419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/85019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1419 and \n# CentOS Errata and Security Advisory 2015:1419 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85019);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"CentOS 6 : libxml2 (CESA-2015:1419)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-July/002030.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18612b78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1819\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:52", "description": "Daniel Veilland reports :\n\nEnforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded.\nIntroduce a new allocation type for the buffers for this effect.", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "nessus", "title": "FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-f10-libxml2", "p-cpe:/a:freebsd:freebsd:linux-c6-libxml2", "p-cpe:/a:freebsd:freebsd:libxml2", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9C7177FF1FE111E59A01BCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/84496", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84496);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1819\");\n\n script_name(english:\"FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Veilland reports :\n\nEnforce the reader to run in constant memory. One of the operation on\nthe reader could resolve entities leading to the classic expansion\nissue. Make sure the buffer used for xmlreader operation is bounded.\nIntroduce a new allocation type for the buffers for this effect.\"\n );\n # https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0a2fe75c\"\n );\n # https://vuxml.freebsd.org/freebsd/9c7177ff-1fe1-11e5-9a01-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b68ce06\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxml2<2.9.2_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-libxml2<2.7.6_5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-libxml2>=*\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:43", "description": "The remote host is affected by the vulnerability described in GLSA-201507-08 (libxml2: Denial of Service)\n\n libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string.\n Impact :\n\n A remote attacker may be able to cause Denial of Service via a specially crafted XML file.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "GLSA-201507-08 : libxml2: Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libxml2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-08.NASL", "href": "https://www.tenable.com/plugins/nessus/84607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84607);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"GLSA\", value:\"201507-08\");\n\n script_name(english:\"GLSA-201507-08 : libxml2: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-08\n(libxml2: Denial of Service)\n\n libxml2 returns the empty string when the allocation limit is\n encountered while constructing the attribute value string.\n \nImpact :\n\n A remote attacker may be able to cause Denial of Service via a specially\n crafted XML file.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libxml2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libxml2-2.9.2-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libxml2\", unaffected:make_list(\"ge 2.9.2-r1\"), vulnerable:make_list(\"lt 2.9.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:51", "description": "From Red Hat Security Advisory 2015:1419 :\n\nUpdated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-30T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : libxml2 (ELSA-2015-1419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:libxml2-python", "p-cpe:/a:oracle:linux:libxml2-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/85106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1419 and \n# Oracle Linux Security Advisory ELSA-2015-1419 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85106);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"Oracle Linux 6 : libxml2 (ELSA-2015-1419)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1419 :\n\nUpdated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-July/005233.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-devel-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-python-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-static-2.7.6-20.0.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:52", "description": "This upload to Debian squeeze-lts fixes three issues found in the libxml2 package.\n\n(1) CVE-2015-1819 / #782782\n\nFlorian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue between API misuse and a bug in libxml2. This issue got addressed in libxml2 upstream and the patch has been backported to libxml2 in squeeze-lts.\n\n(2) #782985\n\nJun Kokatsu reported an out-of-bounds memory access in libxml2. By entering an unclosed html comment the libxml2 parser didn't stop parsing at the end of the buffer, causing random memory to be included in the parsed comment that was returned to the evoking application.\n\nIn the Shopify application (where this issue was originally discovered), this caused ruby objects from previous http requests to be disclosed in the rendered page.\n\n(3) #783010\n\nMichal Zalewski reported another out-of-bound reads issue in libxml2 that did not cause any crashes but could be detected under ASAN and Valgrind.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-06T00:00:00", "type": "nessus", "title": "Debian DLA-266-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-266.NASL", "href": "https://www.tenable.com/plugins/nessus/84508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-266-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84508);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n\n script_name(english:\"Debian DLA-266-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This upload to Debian squeeze-lts fixes three issues found in the\nlibxml2 package.\n\n(1) CVE-2015-1819 / #782782\n\nFlorian Weimer from Red Hat reported an issue against libxml2, where a\nparser which uses libxml2 chokes on a crafted XML document, allocating\ngigabytes of data. This is a fine line issue between API misuse and a\nbug in libxml2. This issue got addressed in libxml2 upstream and the\npatch has been backported to libxml2 in squeeze-lts.\n\n(2) #782985\n\nJun Kokatsu reported an out-of-bounds memory access in libxml2. By\nentering an unclosed html comment the libxml2 parser didn't stop\nparsing at the end of the buffer, causing random memory to be included\nin the parsed comment that was returned to the evoking application.\n\nIn the Shopify application (where this issue was originally\ndiscovered), this caused ruby objects from previous http requests to\nbe disclosed in the rendered page.\n\n(3) #783010\n\nMichal Zalewski reported another out-of-bound reads issue in libxml2\nthat did not cause any crashes but could be detected under ASAN and\nValgrind.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/07/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxml2\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dev\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-doc\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-utils\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:48", "description": "A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents.\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-08-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20150722)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxml2", "p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxml2-devel", "p-cpe:/a:fermilab:scientific_linux:libxml2-python", "p-cpe:/a:fermilab:scientific_linux:libxml2-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150722_LIBXML2_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85200", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85200);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\");\n\n script_name(english:\"Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20150722)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents.\n\nThe desktop must be restarted (log out, then log back in) for this\nupdate to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=2135\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6960edf5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:27", "description": "In Debian LTS (squeeze), the fix for CVE-2015-5600[1] in openssh 1:5.5p1-6+squeeze7 breaks authentication mechanisms that rely on the keyboard-interactive method. Thanks to Colin Watson for making aware of that.\n\nThe patch fixing CVE-2015-5600 introduces the field 'devices_done' to the KbdintAuthctxt struct, but does not initialize the field in the kbdint_alloc() function. On Linux, this ends up filling that field with junk data. The result of this are random login failures when keyboard-interactive authentication is used.\n\nThis upload of openssh 1:5.5p1-6+squeeze7 to Debian LTS (squeeze) adds that initialization of the `devices_done` field alongside the existing initialization code.\n\nPeople relying on keyboard-interactive based authentication mechanisms with OpenSSH on Debian squeeze(-lts) systems are recommended to upgrade OpenSSH to 1:5.5p1-6+squeeze7.\n\n[1] https://lists.debian.org/debian-lts-announce/2015/08/msg00001.html\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-08-10T00:00:00", "type": "nessus", "title": "Debian DLA-288-2 : openssh regression update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssh-client", "p-cpe:/a:debian:debian_linux:openssh-client-udeb", "p-cpe:/a:debian:debian_linux:openssh-server", "p-cpe:/a:debian:debian_linux:openssh-server-udeb", "p-cpe:/a:debian:debian_linux:ssh", "p-cpe:/a:debian:debian_linux:ssh-askpass-gnome", "p-cpe:/a:debian:debian_linux:ssh-krb5", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-288.NASL", "href": "https://www.tenable.com/plugins/nessus/85278", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-288-2. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85278);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5600\");\n\n script_name(english:\"Debian DLA-288-2 : openssh regression update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In Debian LTS (squeeze), the fix for CVE-2015-5600[1] in openssh\n1:5.5p1-6+squeeze7 breaks authentication mechanisms that rely on the\nkeyboard-interactive method. Thanks to Colin Watson for making aware\nof that.\n\nThe patch fixing CVE-2015-5600 introduces the field 'devices_done' to\nthe KbdintAuthctxt struct, but does not initialize the field in the\nkbdint_alloc() function. On Linux, this ends up filling that field\nwith junk data. The result of this are random login failures when\nkeyboard-interactive authentication is used.\n\nThis upload of openssh 1:5.5p1-6+squeeze7 to Debian LTS (squeeze) adds\nthat initialization of the `devices_done` field alongside the existing\ninitialization code.\n\nPeople relying on keyboard-interactive based authentication mechanisms\nwith OpenSSH on Debian squeeze(-lts) systems are recommended to\nupgrade OpenSSH to 1:5.5p1-6+squeeze7.\n\n[1] https://lists.debian.org/debian-lts-announce/2015/08/msg00001.html\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/08/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/09/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/openssh\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssh-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssh-client-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssh-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssh-server-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ssh-askpass-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ssh-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"openssh-client\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssh-client-udeb\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssh-server\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssh-server-udeb\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ssh\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ssh-askpass-gnome\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ssh-krb5\", reference:\"1:5.5p1-6+squeeze7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:51", "description": "Security fix for CVE-2015-5600\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "nessus", "title": "Fedora 22 : openssh-6.9p1-3.fc22 (2015-11981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssh", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-11981.NASL", "href": "https://www.tenable.com/plugins/nessus/85133", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-11981.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85133);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5600\");\n script_xref(name:\"FEDORA\", value:\"2015-11981\");\n\n script_name(english:\"Fedora 22 : openssh-6.9p1-3.fc22 (2015-11981)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-5600\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1245969\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2764763e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssh package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssh\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"openssh-6.9p1-3.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssh\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:16", "description": "The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. (CVE-2015-5600)", "cvss3": {}, "published": "2016-02-18T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : OpenSSH vulnerability (K17113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL17113.NASL", "href": "https://www.tenable.com/plugins/nessus/88812", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K17113.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88812);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-5600\");\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSH vulnerability (K17113)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH\nthrough 6.9 does not properly restrict the processing of\nkeyboard-interactive devices within a single connection, which makes\nit easier for remote attackers to conduct brute-force attacks or cause\na denial of service (CPU consumption) via a long and duplicative list\nin the ssh -oKbdInteractiveDevices option, as demonstrated by a\nmodified client that provides a different password for each pam\nelement on this list. (CVE-2015-5600)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17113\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K17113.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K17113\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.3.0-11.5.3\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.4.0-11.5.3\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.0\",\"11.3.0-11.5.3\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.0.0-13.1.1\",\"12.1.0-12.1.3\",\"12.0.0HF3\",\"11.6.1-11.6.3\",\"11.5.4-11.5.7\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:34", "description": "The remote SSH server is affected by a security bypass vulnerability due to a flaw in the keyboard-interactive authentication mechanisms.\nThe kbdint_next_device() function in auth2-chall.c improperly restricts the processing of keyboard-interactive devices within a single connection. A remote attacker can exploit this, via a crafted keyboard-interactive 'devices' string, to bypass the normal restriction of 6 login attempts (MaxAuthTries), resulting in the ability to conduct a brute-force attack or cause a denial of service condition.", "cvss3": {}, "published": "2015-09-24T00:00:00", "type": "nessus", "title": "OpenSSH MaxAuthTries Bypass", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2020-06-12T00:00:00", "cpe": ["cpe:/a:openbsd:openssh"], "id": "OPENSSH_MAXAUTHTRIES_BRUTEFORCE.NASL", "href": "https://www.tenable.com/plugins/nessus/86122", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86122);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/12\");\n\n script_cve_id(\"CVE-2015-5600\");\n script_bugtraq_id(75990);\n\n script_name(english:\"OpenSSH MaxAuthTries Bypass\");\n script_summary(english:\"Attempts to bypass MaxAuthTries to allow password brute-force attack.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The SSH server running on the remote host is affected by a security\nbypass vulnerability that allows password brute-force attacks.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SSH server is affected by a security bypass vulnerability\ndue to a flaw in the keyboard-interactive authentication mechanisms.\nThe kbdint_next_device() function in auth2-chall.c improperly\nrestricts the processing of keyboard-interactive devices within a\nsingle connection. A remote attacker can exploit this, via a crafted\nkeyboard-interactive 'devices' string, to bypass the normal\nrestriction of 6 login attempts (MaxAuthTries), resulting in the\nability to conduct a brute-force attack or cause a denial of service\ncondition.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssh.com/txt/release-7.0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSH 7.0 or later.\n\nAlternatively, this vulnerability can be mitigated on some Linux\ndistributions by disabling the keyboard-interactive authentication\nmethod. This can be done on Red Hat Linux by setting\n'ChallengeResponseAuthentication' to 'no' in the /etc/ssh/sshd_config\nconfiguration file and restarting the sshd service.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openbsd:openssh\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_detect.nasl\");\n script_require_ports(\"Services/ssh\");\n script_exclude_keys(\"global_settings/supplied_logins_only\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\n\n\nenable_ssh_wrappers();\n\nglobal_var ERR_AUTH_SUCCESS, ERR_PASSWORD_CHANGE, ERR_PASSWORD_NOT_SUPP;\nchecking_default_account_dont_report = TRUE;\n\nERR_AUTH_SUCCESS = 0;\nERR_PASSWORD_CHANGE = -1;\nERR_PASSWORD_NOT_SUPP = -2;\n\nfunction rand_auth()\n{\n return 'nessus_' + rand_str(length:8, charset:\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\");\n}\n\n##\n# Attempts MaxAuthTries Brute-force via SSHv2 authentication using the keyboard interactive method\n#\n# @remark See RFC 4256 for details of keyboard-interactive auth.\n#\n# @param password Password to attempt to log in with.\n# @param user Username to attempt to log in with.\n# @param submethods Optional comma-separated list of authentication submethods\n#\n# @return number of attempts or <= 0 for error.\n##\nfunction ssh_auth_keyboard_bruteforce(password, user, submethods, port)\n{\n local_var attempts, code, crap, kb_ok, next, payload, prompt, prompts, res, inst;\n\n if (isnull(submethods)) submethods = \"\";\n if (isnull(password) || password == \"\") password = rand_auth(); \n\n # Request keyboard-interactive authentication from the server.\n payload =\n putstring(buffer:user) +\n putstring(buffer:\"ssh-connection\") +\n putstring(buffer:\"keyboard-interactive\") +\n putstring(buffer:\"en-US\") +\n putstring(buffer:submethods);\n\n send_ssh_packet(code:SSH_MSG_USERAUTH_REQUEST, payload:payload);\n\n # Read the server's response.\n res = recv_ssh_packet();\n code = ord(res[0]);\n next = 1;\n\n if (code == SSH_MSG_USERAUTH_FAILURE)\n {\n # Not vuln\n return 1;\n }\n\n if (code == SSH_MSG_UNIMPLEMENTED)\n {\n # Doesn't support SSH_MSG_USERAUTH_REQUEST so doesn't support keyboard-interactive.\n ssh_close_connection();\n exit(0, \"The SSH service listening on port \"+port+\" does not support 'keyboard-interactive' authentication.\");\n }\n\n if (code != SSH_MSG_USERAUTH_INFO_REQUEST)\n {\n ssh_close_connection();\n exit(1, \"Server did not reply with SSH_MSG_USERAUTH_INFO_REQUEST during\"+'\\n'+\"keyboard-interactive exchange. It replied with : \" + code + \".\");\n }\n\n # Skip over name.\n crap = getstring(buffer:res, pos:next);\n next += 4 + strlen(crap);\n\n # Skip over instruction.\n inst = getstring(buffer:res, pos:next);\n next += 4 + strlen(inst);\n\n # Skip over language.\n crap = getstring(buffer:res, pos:next);\n next += 4 + strlen(crap);\n\n # Parse number of prompts.\n prompts = ntol(buffer:res, begin:next);\n next += 4;\n\n kb_ok = FALSE;\n if (prompts > 0)\n {\n prompt = getstring(buffer:res, pos:next);\n #\n # nb: Alcatel OS switches have a bug in their SSH server which make the prompt be a single space.\n if (\n buffer_contains_password_prompt(prompt, user) ||\n \"'s password for keyboard-interactive method:\" >< inst\n )\n {\n if ( \"'s password for keyboard-interactive method:\" >< inst && prompt == \" \") AOS_SSH = TRUE;\n kb_ok = TRUE;\n }\n }\n\n if (!kb_ok)\n {\n return ERR_PASSWORD_NOT_SUPP;\n }\n\n attempts = 1;\n # Put limit on attempts to be sure this loop will exit.\n while (attempts <= 50)\n {\n # Send a single response, containing the password, to server.\n SSH_PACKET_LOG_SCRUB_STRING = password;\n payload = raw_int32(i:1) + putstring(buffer:password);\n send_ssh_packet(code:SSH_MSG_USERAUTH_INFO_RESPONSE, payload:payload);\n SSH_PACKET_LOG_SCRUB_STRING = FALSE;\n\n # Read response from server.\n res = recv_ssh_packet();\n code = ord(res[0]);\n if (code == SSH_MSG_USERAUTH_INFO_REQUEST)\n {\n if (\n \"Changing password for \" >< res || # HPUX\n \"Password change requested\" >< res || # SuSE 10\n \"Password changing requested\" >< res || # SuSE 9\n \"Your password has expired\" >< res || # Solaris\n \"New Password\" >< res || # FreeBSD\n \"You are required to change your password\" >< res # Gentoo\n )\n {\n return ERR_PASSWORD_CHANGE;\n }\n }\n else if (code == SSH_MSG_USERAUTH_SUCCESS)\n {\n # Auth succeeded this shouldn't happen.\n return ERR_AUTH_SUCCESS;\n }\n else\n {\n break;\n }\n\n attempts += 1;\n }\n\n return attempts;\n}\n\nif (supplied_logins_only) audit(AUDIT_SUPPLIED_LOGINS_ONLY);\n\n# Bad username/password\nuser = rand_auth();\npassword = rand_auth();\n\nport = get_service(svc:\"ssh\", exit_on_fail:TRUE);\n\n_ssh_socket = open_sock_tcp(port);\nif (!_ssh_socket) audit(AUDIT_SOCK_FAIL, port);\n\n# initialization\ninit();\nserver_version = ssh_exchange_identification();\nif (!server_version)\n{\n ssh_close_connection();\n exit(1, get_ssh_error());\n}\n\n_ssh_server_version = server_version;\n\n# key exchange\nret = ssh_kex2(server_version:server_version, nofingerprint:TRUE);\nif (ret != 0)\n{\n ssh_close_connection();\n exit(1, get_ssh_error());\n}\n\nif (!ssh_req_svc(\"ssh-userauth\"))\n{\n ssh_close_connection();\n exit(0, \"The SSH service listening on port \"+port+\" does not support 'ssh-userauth'.\");\n}\n\nif (!ssh_auth_supported(method:\"keyboard-interactive\", user:user))\n{\n ssh_close_connection();\n exit(0, \"The SSH service listening on port \"+port+\" does not support 'keyboard-interactive' authentication.\");\n}\n\nvuln = FALSE;\nattempts = -1;\n# Try an attempt with no devices set followed by one with 2 set.\n# First attempt checks normal attempt and sets attempts baseline.\n# Second attempt should see an increase matching the number of devices.\n# In this case two.\n# If an increase in attempts that matches the number of devices passed is\n# detected then the openssh service is vulnerable.\nfor (i=0; i < 3; i+=2)\n{\n prev_attempts = attempts;\n submethods = crap(data:\"p,\", length:i*2);\n attempts = ssh_auth_keyboard_bruteforce(user:user, password:password, submethods:submethods, port:port);\n if (attempts == ERR_PASSWORD_CHANGE)\n {\n ssh_close_connection();\n exit(1, \"Couldn't determine, target requested password change.\");\n }\n else if (attempts == ERR_AUTH_SUCCESS)\n {\n ssh_close_connection();\n exit(1, \"Couldn't determine, authentication with account \" + user + \" succeeded.\");\n }\n else if (attempts == ERR_PASSWORD_NOT_SUPP)\n {\n # Not vuln\n break;\n }\n else if (attempts == i && attempts > prev_attempts)\n {\n vuln = TRUE;\n break;\n }\n}\n\nssh_close_connection();\n\nif (vuln)\n{\n security_hole(port:port);\n}\nelse\n{\n audit(AUDIT_LISTEN_NOT_VULN, \"SSH\", port);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:15:59", "description": "It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks.", "cvss3": {}, "published": "2015-07-28T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (5b74a5bc-348f-11e5-ba05-c80aa9043978)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5600"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:openssh-portable", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_5B74A5BC348F11E5BA05C80AA9043978.NASL", "href": "https://www.tenable.com/plugins/nessus/85033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85033);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-5600\");\n script_xref(name:\"FreeBSD\", value:\"SA-15:16.openssh\");\n\n script_name(english:\"FreeBSD : OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (5b74a5bc-348f-11e5-ba05-c80aa9043978)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the OpenSSH sshd daemon did not check the list\nof keyboard-interactive authentication methods for duplicates. A\nremote attacker could use this flaw to bypass the MaxAuthTries limit,\nmaking it easier to perform password guessing attacks.\"\n );\n # https://access.redhat.com/security/cve/CVE-2015-5600\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5600\"\n );\n # https://vuxml.freebsd.org/freebsd/5b74a5bc-348f-11e5-ba05-c80aa9043978.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b40b3cd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssh-portable\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssh-portable<6.9.p1_2,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:10", "description": "This security update fixes serious security issues in NSS including arbitrary code execution and remote denial service attacks.\n\nFor Debian 7 'wheezy', these problems have been fixed in 3.14.5-1+deb7u6. We recommend you upgrade your nss packages as soon as possible.\n\nCVE-2015-7181\n\nThe sec_asn1d_parse_leaf function improperly restricts access to an unspecified data structure.\n\nCVE-2015-7182\n\nHeap-based buffer overflow in the ASN.1 decoder.\n\nCVE-2016-1938\n\nThe s_mp_div function in lib/freebl/mpi/mpi.c in improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms.\n\nCVE-2016-1950\n\nHeap-based buffer overflow allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.\n\nCVE-2016-1978\n\nUse-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.\n\nCVE-2016-1979\n\nUse-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-19T00:00:00", "type": "nessus", "title": "Debian DLA-480-1 : nss security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7181", "CVE-2015-7182", "CVE-2016-1938", "CVE-2016-1950", "CVE-2016-1978", "CVE-2016-1979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss3", "p-cpe:/a:debian:debian_linux:libnss3-1d", "p-cpe:/a:debian:debian_linux:libnss3-dbg", "p-cpe:/a:debian:debian_linux:libnss3-dev", "p-cpe:/a:debian:debian_linux:libnss3-tools", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-480.NASL", "href": "https://www.tenable.com/plugins/nessus/91242", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-480-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91242);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2016-1938\", \"CVE-2016-1950\", \"CVE-2016-1978\", \"CVE-2016-1979\");\n\n script_name(english:\"Debian DLA-480-1 : nss security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This security update fixes serious security issues in NSS including\narbitrary code execution and remote denial service attacks.\n\nFor Debian 7 'wheezy', these problems have been fixed in\n3.14.5-1+deb7u6. We recommend you upgrade your nss packages as soon as\npossible.\n\nCVE-2015-7181\n\nThe sec_asn1d_parse_leaf function improperly restricts access to an\nunspecified data structure.\n\nCVE-2015-7182\n\nHeap-based buffer overflow in the ASN.1 decoder.\n\nCVE-2016-1938\n\nThe s_mp_div function in lib/freebl/mpi/mpi.c in improperly divides\nnumbers, which might make it easier for remote attackers to defeat\ncryptographic protection mechanisms.\n\nCVE-2016-1950\n\nHeap-based buffer overflow allows remote attackers to execute\narbitrary code via crafted ASN.1 data in an X.509 certificate.\n\nCVE-2016-1978\n\nUse-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange\nfunction allows remote attackers to cause a denial of service or\npossibly have unspecified other impact by making an SSL (1) DHE or (2)\nECDHE handshake at a time of high memory consumption.\n\nCVE-2016-1979\n\nUse-after-free vulnerability in the\nPK11_ImportDERPrivateKeyInfoAndReturnKey function allows remote\nattackers to cause a denial of service or possibly have unspecified\nother impact via crafted key data with DER encoding.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/05/msg00032.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/nss\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libnss3\", reference:\"3.14.5-1+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnss3-1d\", reference:\"3.14.5-1+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnss3-dbg\", reference:\"3.14.5-1+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnss3-dev\", reference:\"3.14.5-1+deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libnss3-tools\", reference:\"3.14.5-1+deb7u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:04", "description": "Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-4513)\n\nTyson Smith and David Keeler discovered a use-after-poison and buffer overflow in NSS. An attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-7181, CVE-2015-7182)\n\nRyan Sleevi discovered an integer overflow in NSPR. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-7183)\n\nMichal Bentkowski discovered that adding white-space to hostnames that are IP addresses can bypass same-origin protections. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2015-7188)\n\nLooben Yang discovered a buffer overflow during script interactions with the canvas element in some circumstances. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-7189)\n\nShinto K Anto discovered that CORS preflight is bypassed when receiving non-standard Content-Type headers in some circumstances. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-7193)\n\nGustavo Grieco discovered a buffer overflow in libjar in some circumstances. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-7194)\n\nEhsan Akhgari discovered a mechanism for a web worker to bypass secure requirements for web sockets. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could exploit this to bypass the mixed content web socket policy.\n(CVE-2015-7197)\n\nRonald Crane discovered several vulnerabilities through code-inspection. If a user were tricked in to opening a specially crafted website in a browser-like context, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2015-7198, CVE-2015-7199, CVE-2015-7200).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : thunderbird vulnerabilities (USN-2819-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4513", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7188", "CVE-2015-7189", "CVE-2015-7193", "CVE-2015-7194", "CVE-2015-7197", "CVE-2015-7198", "CVE-2015-7199", "CVE-2015-7200"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:thunderbird", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2819-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87168", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2819-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87168);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-4513\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7188\", \"CVE-2015-7189\", \"CVE-2015-7193\", \"CVE-2015-7194\", \"CVE-2015-7197\", \"CVE-2015-7198\", \"CVE-2015-7199\", \"CVE-2015-7200\");\n script_xref(name:\"USN\", value:\"2819-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : thunderbird vulnerabilities (USN-2819-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris\nZbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and\nGary Kwong discovered multiple memory safety issues in Thunderbird. If\na user were tricked in to opening a specially crafted message, an\nattacker could potentially exploit these to cause a denial of service\nvia application crash, or execute arbitrary code with the privileges\nof the user invoking Thunderbird. (CVE-2015-4513)\n\nTyson Smith and David Keeler discovered a use-after-poison and buffer\noverflow in NSS. An attacker could potentially exploit these to cause\na denial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Thunderbird. (CVE-2015-7181,\nCVE-2015-7182)\n\nRyan Sleevi discovered an integer overflow in NSPR. An attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2015-7183)\n\nMichal Bentkowski discovered that adding white-space to hostnames\nthat are IP addresses can bypass same-origin protections. If a user\nwere tricked in to opening a specially crafted website in a\nbrowser-like context, an attacker could potentially exploit this to\nconduct cross-site scripting (XSS) attacks. (CVE-2015-7188)\n\nLooben Yang discovered a buffer overflow during script interactions\nwith the canvas element in some circumstances. If a user were tricked\nin to opening a specially crafted website in a browser-like context,\nan attacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2015-7189)\n\nShinto K Anto discovered that CORS preflight is bypassed when\nreceiving non-standard Content-Type headers in some circumstances. If\na user were tricked in to opening a specially crafted website in a\nbrowser-like context, an attacker could potentially exploit this to\nbypass same-origin restrictions. (CVE-2015-7193)\n\nGustavo Grieco discovered a buffer overflow in libjar in some\ncircumstances. If a user were tricked in to opening a specially\ncrafted website in a browser-like context, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2015-7194)\n\nEhsan Akhgari discovered a mechanism for a web worker to bypass secure\nrequirements for web sockets. If a user were tricked in to opening a\nspecially crafted website in a browser-like context, an attacker could\nexploit this to bypass the mixed content web socket policy.\n(CVE-2015-7197)\n\nRonald Crane discovered several vulnerabilities through\ncode-inspection. If a user were tricked in to opening a specially\ncrafted website in a browser-like context, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2015-7198, CVE-2015-7199, CVE-2015-7200).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2819-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"thunderbird\", pkgver:\"1:38.4.0+build3-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"thunderbird\", pkgver:\"1:38.4.0+build3-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"thunderbird\", pkgver:\"1:38.4.0+build3-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"thunderbird\", pkgver:\"1:38.4.0+build3-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:35", "description": "The version of Thunderbird installed on the remote Mac OS X host is prior to 38.4. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, via a specially crafted web page, to cause a denial of service condition or the execution of arbitrary code.\n (CVE-2015-4513, CVE-2015-4514)\n\n - An unspecified use-after-poison flaw exists in the sec_asn1d_parse_leaf() function in Mozilla Network Security Services (NSS) due to improper restriction of access to an unspecified data structure. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7181)\n\n - A heap buffer overflow condition exists in the ASN.1 decoder in Mozilla Network Security Services (NSS) due to improper validation of user-supplied input. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7182)\n\n - An integer overflow condition exists in the PL_ARENA_ALLOCATE macro in the Netscape Portable Runtime (NSPR) due to improper validation of user-supplied input. A remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-7183)\n\n - A same-origin bypass vulnerability exists due to improper handling of trailing whitespaces in the IP address hostname. A remote attacker can exploit this, by appending whitespace characters to an IP address string, to bypass the same-origin policy and conduct a cross-site scripting attack. (CVE-2015-7188)\n\n - A race condition exists in the JPEGEncoder() function due to improper validation of user-supplied input when handling canvas elements. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-7189)\n\n - A cross-origin resource sharing (CORS) request bypass vulnerability exists due to improper implementation of the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation. A remote attacker can exploit this to perform a simple request instead of a 'preflight' request. (CVE-2015-7193)\n\n - A buffer underflow condition exists in libjar due to improper validation of user-supplied input when handling ZIP archives. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7194)\n\n - A security bypass vulnerability exists due to improperly controlling the ability of a web worker to create a WebSocket object in the WebSocketImpl::Init() method.\n A remote attacker can exploit this to bypass intended mixed-content restrictions. (CVE-2015-7197)\n\n - A buffer overflow condition exists in TextureStorage11 in ANGLE due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7198)\n\n - A flaw exists in the AddWeightedPathSegLists() function due to missing return value checks during SVG rendering.\n A remote attacker can exploit this, via a crafted SVG document, to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2015-7199)\n\n - A flaw exists in the CryptoKey interface implementation due to missing status checks. A remote attacker can exploit this to make changes to cryptographic keys and execute arbitrary code. (CVE-2015-7200)", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 38.4 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4513", "CVE-2015-4514", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7188", "CVE-2015-7189", "CVE-2015-7193", "CVE-2015-7194", "CVE-2015-7197", "CVE-2015-7198", "CVE-2015-7199", "CVE-2015-7200"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_38_4.NASL", "href": "https://www.tenable.com/plugins/nessus/87109", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87109);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-4513\",\n \"CVE-2015-4514\",\n \"CVE-2015-7181\",\n \"CVE-2015-7182\",\n \"CVE-2015-7183\",\n \"CVE-2015-7188\",\n \"CVE-2015-7189\",\n \"CVE-2015-7193\",\n \"CVE-2015-7194\",\n \"CVE-2015-7197\",\n \"CVE-2015-7198\",\n \"CVE-2015-7199\",\n \"CVE-2015-7200\"\n );\n script_bugtraq_id(77411, 77415, 77416);\n\n script_name(english:\"Mozilla Thunderbird < 38.4 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Thunderbird.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Mac OS X host is\nprior to 38.4. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these issues, via a\n specially crafted web page, to cause a denial of service\n condition or the execution of arbitrary code.\n (CVE-2015-4513, CVE-2015-4514)\n\n - An unspecified use-after-poison flaw exists in the\n sec_asn1d_parse_leaf() function in Mozilla Network\n Security Services (NSS) due to improper restriction of\n access to an unspecified data structure. A remote\n attacker can exploit this, via crafted OCTET STRING\n data, to cause a denial of service condition or the\n execution of arbitrary code. (CVE-2015-7181)\n\n - A heap buffer overflow condition exists in the ASN.1\n decoder in Mozilla Network Security Services (NSS) due\n to improper validation of user-supplied input. A remote\n attacker can exploit this, via crafted OCTET STRING\n data, to cause a denial of service condition or the\n execution of arbitrary code. (CVE-2015-7182)\n\n - An integer overflow condition exists in the\n PL_ARENA_ALLOCATE macro in the Netscape Portable Runtime\n (NSPR) due to improper validation of user-supplied\n input. A remote attacker can exploit this to corrupt\n memory, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-7183)\n\n - A same-origin bypass vulnerability exists due to\n improper handling of trailing whitespaces in the IP\n address hostname. A remote attacker can exploit this, by\n appending whitespace characters to an IP address string,\n to bypass the same-origin policy and conduct a\n cross-site scripting attack. (CVE-2015-7188)\n\n - A race condition exists in the JPEGEncoder() function\n due to improper validation of user-supplied input when\n handling canvas elements. A remote attacker can exploit\n this to cause a heap-based buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2015-7189)\n\n - A cross-origin resource sharing (CORS) request bypass\n vulnerability exists due to improper implementation of\n the CORS cross-origin request algorithm for the POST\n method in situations involving an unspecified\n Content-Type header manipulation. A remote attacker can\n exploit this to perform a simple request instead of a\n 'preflight' request. (CVE-2015-7193)\n\n - A buffer underflow condition exists in libjar due to\n improper validation of user-supplied input when handling\n ZIP archives. A remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2015-7194)\n\n - A security bypass vulnerability exists due to improperly\n controlling the ability of a web worker to create a\n WebSocket object in the WebSocketImpl::Init() method.\n A remote attacker can exploit this to bypass intended\n mixed-content restrictions. (CVE-2015-7197)\n\n - A buffer overflow condition exists in TextureStorage11\n in ANGLE due to improper validation of user-supplied\n input. A remote attacker can exploit this to cause a\n denial of service condition or the execution of\n arbitrary code. (CVE-2015-7198)\n\n - A flaw exists in the AddWeightedPathSegLists() function\n due to missing return value checks during SVG rendering.\n A remote attacker can exploit this, via a crafted SVG\n document, to corrupt memory, resulting in a denial of\n service condition or the execution of arbitrary code.\n (CVE-2015-7199)\n\n - A flaw exists in the CryptoKey interface implementation\n due to missing status checks. A remote attacker can\n exploit this to make changes to cryptographic keys and\n execute arbitrary code. (CVE-2015-7200)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/thunderbird/38.4.0/releasenotes/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 38.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7200\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Thunderbird install is in the ESR branch.');\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, esr:FALSE, fix:'38.4', min:'38.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:43", "description": "The version of Thunderbird installed on the remote Windows host is prior to 38.4. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, via a specially crafted web page, to cause a denial of service condition or the execution of arbitrary code.\n (CVE-2015-4513, CVE-2015-4514)\n\n - An unspecified use-after-poison flaw exists in the sec_asn1d_parse_leaf() function in Mozilla Network Security Services (NSS) due to improper restriction of access to an unspecified data structure. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7181)\n\n - A heap buffer overflow condition exists in the ASN.1 decoder in Mozilla Network Security Services (NSS) due to improper validation of user-supplied input. A remote attacker can exploit this, via crafted OCTET STRING data, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7182)\n\n - An integer overflow condition exists in the PL_ARENA_ALLOCATE macro in the Netscape Portable Runtime (NSPR) due to improper validation of user-supplied input. A remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-7183)\n\n - A same-origin bypass vulnerability exists due to improper handling of trailing whitespaces in the IP address hostname. A remote attacker can exploit this, by appending whitespace characters to an IP address string, to bypass the same-origin policy and conduct a cross-site scripting attack. (CVE-2015-7188)\n\n - A race condition exists in the JPEGEncoder() function due to improper validation of user-supplied input when handling canvas elements. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-7189)\n\n - A cross-origin resource sharing (CORS) request bypass vulnerability exists due to improper implementation of the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation. A remote attacker can exploit this to perform a simple request instead of a 'preflight' request. (CVE-2015-7193)\n\n - A buffer underflow condition exists in libjar due to improper validation of user-supplied input when handling ZIP archives. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7194)\n\n - A security bypass vulnerability exists due to improperly controlling the ability of a web worker to create a WebSocket object in the WebSocketImpl::Init() method.\n A remote attacker can exploit this to bypass intended mixed-content restrictions. (CVE-2015-7197)\n\n - A buffer overflow condition exists in TextureStorage11 in ANGLE due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-7198)\n\n - A flaw exists in the AddWeightedPathSegLists() function due to missing return value checks during SVG rendering.\n A remote attacker can exploit this, via a crafted SVG document, to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2015-7199)\n\n - A flaw exists in the CryptoKey interface implementation due to missing status checks. A remote attacker can exploit this to make changes to cryptographic keys and execute arbitrary code. (CVE-2015-7200)", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 38.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4513", "CVE-2015-4514", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7188", "CVE-2015-7189", "CVE-2015-7193", "CVE-2015-7194", "CVE-2015-7197", "CVE-2015-7198", "CVE-2015-7199", "CVE-2015-7200"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_38_4.NASL", "href": "https://www.tenable.com/plugins/nessus/87110", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87110);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-4513\",\n \"CVE-2015-4514\",\n \"CVE-2015-7181\",\n \"CVE-2015-7182\",\n \"CVE-2015-7183\",\n \"CVE-2015-7188\",\n \"CVE-2015-7189\",\n \"CVE-2015-7193\",\n \"CVE-2015-7194\",\n \"CVE-2015-7197\",\n \"CVE-2015-7198\",\n \"CVE-2015-7199\",\n \"CVE-2015-7200\"\n );\n script_bugtraq_id(77411, 77415, 77416);\n\n script_name(english:\"Mozilla Thunderbird < 38.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Thunderbird.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Windows host is\nprior to 38.4. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these issues, via a\n specially crafted web page, to cause a denial of service\n condition or the execution of arbitrary code.\n (CVE-2015-4513, CVE-2015-4514)\n\n - An unspecified use-after-poison flaw exists in the\n sec_asn1d_parse_leaf() function in Mozilla Network\n Security Services (NSS) due to improper restriction of\n access to an unspecified data structure. A remote\n attacker can exploit this, via crafted OCTET STRING\n data, to cause a denial of service condition or the\n execution of arbitrary code. (CVE-2015-7181)\n\n - A heap buffer overflow condition exists in the ASN.1\n decoder in Mozilla Network Security Services (NSS) due\n to improper validation of user-supplied input. A remote\n attacker can exploit this, via crafted OCTET STRING\n data, to cause a de
Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)
