NuGet Package Manager Tampering Vulnerability

2019-03-12T07:00:00

Description

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure. An attacker who successfully exploited this vulnerability could potentially modify files and folders that are unpackaged on a system. To exploit this vulnerability, an attacker would need to log on to the affected system and tamper with the folder contents of a package prior to building or installation of an application. The security update addresses the vulnerability by correcting permissions on folders inside the NuGet packages folder structure.

{"id": "MS:CVE-2019-0757", "bulletinFamily": "microsoft", "title": "NuGet Package Manager Tampering Vulnerability", "description": "A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure. An attacker who successfully exploited this vulnerability could potentially modify files and folders that are unpackaged on a system.\n\nTo exploit this vulnerability, an attacker would need to log on to the affected system and tamper with the folder contents of a package prior to building or installation of an application.\n\nThe security update addresses the vulnerability by correcting permissions on folders inside the NuGet packages folder structure.\n", "published": "2019-03-12T07:00:00", "modified": "2019-03-13T07:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-0757", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2019-0757"], "immutableFields": [], "type": "mscve", "lastseen": "2022-10-03T16:29:42", "edition": 1, "viewCount": 5, "enchantments": {"backreferences": {"references": [{"idList": ["TALOSBLOG:D9C5C0AB436B4386A2A294DC24E5D966"], "type": "talosblog"}, {"idList": ["CVE-2019-0757"], "type": "cve"}, {"idList": ["KLA11433"], "type": "kaspersky"}, {"idList": ["CISA:574A6E25827684C587359C37EF1D5132"], "type": "cisa"}, {"idList": ["RH:CVE-2019-0757"], "type": "redhatcve"}, {"idList": ["OPENVAS:1361412562310815000"], "type": "openvas"}, {"idList": ["THREATPOST:0C6C1B17AFD30FEDE0604F98C6C93413"], "type": "threatpost"}, {"idList": ["DEBIANCVE:CVE-2019-0757"], "type": "debiancve"}, {"idList": ["RHSA-2019:0544"], "type": "redhat"}, {"idList": ["REDHAT-RHSA-2019-0544.NASL", "SMB_NT_MS19_MAR_DOTNET_CORE_SDK.NASL", "REDHAT-RHSA-2019-1259.NASL", "ORACLELINUX_ELSA-2019-1259.NASL"], "type": "nessus"}, {"idList": ["UB:CVE-2019-0757"], "type": "ubuntucve"}, {"idList": ["ELSA-2019-1259"], "type": "oraclelinux"}, {"idList": ["SMNTC-107285"], "type": "symantec"}]}, "dependencies": {"references": [{"idList": ["TALOSBLOG:D9C5C0AB436B4386A2A294DC24E5D966"], "type": "talosblog"}, {"idList": ["CVE-2019-0757"], "type": "cve"}, {"idList": ["KLA11433"], "type": "kaspersky"}, {"idList": ["REDHAT-RHSA-2019-0544.NASL", "SMB_NT_MS19_MAR_DOTNET_CORE_SDK.NASL", "REDHAT-RHSA-2019-1259.NASL", "ORACLELINUX_ELSA-2019-1259.NASL", "CENTOS8_RHSA-2019-1259.NASL"], "type": "nessus"}, {"idList": ["RH:CVE-2019-0757"], "type": "redhatcve"}, {"idList": ["THREATPOST:0C6C1B17AFD30FEDE0604F98C6C93413"], "type": "threatpost"}, {"idList": ["DEBIANCVE:CVE-2019-0757"], "type": "debiancve"}, {"idList": ["OPENVAS:1361412562310815000", "OPENVAS:1361412562310814698"], "type": "openvas"}, {"idList": ["RHSA-2019:0544", "RHSA-2019:1259"], "type": "redhat"}, {"idList": ["UB:CVE-2019-0757"], "type": "ubuntucve"}, {"idList": ["ELSA-2019-1259"], "type": "oraclelinux"}, {"idList": ["SMNTC-107285"], "type": "symantec"}], "rev": 4}, "exploitation": null, "score": {"value": 4.3, "vector": "NONE"}, "vulnersScore": 4.3}, "_state": {"dependencies": 1664814947, "score": 1664815070}, "_internal": {"score_hash": "e75fc4f76d520c3db20024f7cbbd7682"}, "kbList": [], "msrc": "", "mscve": "CVE-2019-0757", "msAffectedSoftware": [], "vendorCvss": {"baseScore": "", "temporalScore": "", "vectorString": ""}}

{"nessus": [{"lastseen": "2023-01-11T14:50:46", "description": "Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements the .NET standard APIs and several additional APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.15, 1.1.12, 2.1.9, and 2.2.3.\n\nSecurity Fix(es) :\n\n* A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. (CVE-2019-0757)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more information, please refer to the upstream doc in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-18T00:00:00", "type": "nessus", "title": "RHEL 7 : dotNET (RHSA-2019:0544)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2020-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-dotnet21", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.5xx", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host-fxr-2.2", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-runtime-2.2", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2.1xx", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore", "p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore", "p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-0544.NASL", "href": "https://www.tenable.com/plugins/nessus/122886", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0544. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122886);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2019-0757\");\n script_xref(name:\"RHSA\", value:\"2019:0544\");\n\n script_name(english:\"RHEL 7 : dotNET (RHSA-2019:0544)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore,\nrh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET\nCore on Red Hat Enterprise Linux.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements the .NET\nstandard APIs and several additional APIs, and it includes a CLR\nimplementation.\n\nNew versions of .NET Core that address security vulnerabilities are\nnow available. The updated versions are .NET Core 1.0.15, 1.1.12,\n2.1.9, and 2.2.3.\n\nSecurity Fix(es) :\n\n* A tampering vulnerability exists in NuGet software when executed in\na Linux or Mac environment. (CVE-2019-0757)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nFor more information, please refer to the upstream doc in the\nReferences section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0757\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.5xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host-fxr-2.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-runtime-2.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2.1xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0544\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-2.1-8.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-2.1.505-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-debuginfo-2.1.505-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-host-2.1.9-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-runtime-2.1-2.1.9-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-sdk-2.1-2.1.505-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.505-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet21-runtime-2.1-8.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-2.2-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-2.2.105-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-debuginfo-2.2.105-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-host-2.2.3-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-host-fxr-2.2-2.2.3-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-runtime-2.2-2.2.3-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-sdk-2.2-2.2.105-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.105-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnet22-runtime-2.2-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnetcore10-dotnetcore-1.0.15-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnetcore10-dotnetcore-debuginfo-1.0.15-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnetcore11-dotnetcore-1.1.12-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-dotnetcore11-dotnetcore-debuginfo-1.1.12-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-dotnet21 / rh-dotnet21-dotnet / rh-dotnet21-dotnet-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:50:03", "description": "The remote Windows host has an installation of .NET Core SDK with a version of 1.x < 1.1.13 or 2.1.x < 2.1.505. Therefore, the host is affected by a tampering vulnerability with in the NuGet Package Manager. An authenticated, attacker can exploit this, via manipulating the folder contents prior to building or installing a application, to modify files and folders after unpacking.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-12T00:00:00", "type": "nessus", "title": "Security Update for .NET Core SDK (March 2019)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2020-01-17T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "SMB_NT_MS19_MAR_DOTNET_CORE_SDK.NASL", "href": "https://www.tenable.com/plugins/nessus/122778", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122778);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\"CVE-2019-0757\");\n\n script_name(english:\"Security Update for .NET Core SDK (March 2019)\");\n script_summary(english:\"Checks for Windows Install of .NET Core.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by a tampering vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has an installation of .NET Core SDK with a\nversion of 1.x < 1.1.13 or 2.1.x < 2.1.505. Therefore, the host is\naffected by a tampering vulnerability with in the NuGet Package\nManager. An authenticated, attacker can exploit this, via manipulating\nthe folder contents prior to building or installing a application, to\nmodify files and folders after unpacking.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/103\");\n # https://github.com/dotnet/core/blob/master/release-notes/1.0/1.0.15/1.0.15.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b5a86c1\");\n # https://github.com/dotnet/core/blob/master/release-notes/1.1/1.1.12/1.1.12.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0225f3cc\");\n # https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.9/2.1.9.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7c0a5e95\");\n script_set_attribute(attribute:\"solution\", value:\n\"Refer to vendor documentation.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0757\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_dotnet_core_sdk_win.nbin\");\n script_require_keys(\"installed_sw/.NET Core SDK Windows\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = '.NET Core SDK Windows';\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '1.0', 'fixed_version' : '1.1.13'},\n { 'min_version' : '2.1', 'fixed_version' : '2.1.505'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T15:23:03", "description": "From Red Hat Security Advisory 2019:1259 :\n\nAn update for dotnet is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nA new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507.\n\nSecurity Fix(es) :\n\n* dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n* dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820)\n\n* dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980)\n\n* dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : dotnet (ELSA-2019-1259)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757", "CVE-2019-0820", "CVE-2019-0980", "CVE-2019-0981"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:dotnet", "p-cpe:/a:oracle:linux:dotnet-host", "p-cpe:/a:oracle:linux:dotnet-host-fxr-2.1", "p-cpe:/a:oracle:linux:dotnet-runtime-2.1", "p-cpe:/a:oracle:linux:dotnet-sdk-2.1", "p-cpe:/a:oracle:linux:dotnet-sdk-2.1.5xx", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/127585", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1259 and \n# Oracle Linux Security Advisory ELSA-2019-1259 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127585);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2019-0757\",\n \"CVE-2019-0820\",\n \"CVE-2019-0980\",\n \"CVE-2019-0981\"\n );\n script_xref(name:\"RHSA\", value:\"2019:1259\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0326\");\n\n script_name(english:\"Oracle Linux 8 : dotnet (ELSA-2019-1259)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:1259 :\n\nAn update for dotnet is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements a subset of\nthe .NET framework APIs and several new APIs, and it includes a CLR\nimplementation.\n\nA new version of .NET Core that address security vulnerabilities is\nnow available. The updated version is .NET Core Runtime 2.1.11 and SDK\n2.1.507.\n\nSecurity Fix(es) :\n\n* dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n* dotnet: timeouts for regular expressions are not enforced\n(CVE-2019-0820)\n\n* dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core\nDenial of Service (CVE-2019-0980)\n\n* dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial\nof Service (CVE-2019-0981)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* dotnet: new\nSocketException((int)SocketError.InvalidArgument).Message is empty\n(BZ#1712471)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/008972.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dotnet packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0757\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-host-fxr-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-2.1.5xx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-2.1.507-2.el8_0\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-host-2.1.11-2.el8_0\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-host-fxr-2.1-2.1.11-2.el8_0\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-runtime-2.1-2.1.11-2.el8_0\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-sdk-2.1-2.1.507-2.el8_0\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"dotnet-sdk-2.1.5xx-2.1.507-2.el8_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dotnet / dotnet-host / dotnet-host-fxr-2.1 / dotnet-runtime-2.1 / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:48", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1259 advisory.\n\n - dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n - dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820)\n\n - dotnet: infinite loop in Uri.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980)\n\n - dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : dotnet (CESA-2019:1259)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757", "CVE-2019-0820", "CVE-2019-0980", "CVE-2019-0981"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:dotnet", "p-cpe:/a:centos:centos:dotnet-host", "p-cpe:/a:centos:centos:dotnet-host-fxr-2.1", "p-cpe:/a:centos:centos:dotnet-runtime-2.1", "p-cpe:/a:centos:centos:dotnet-sdk-2.1", "p-cpe:/a:centos:centos:dotnet-sdk-2.1.5xx"], "id": "CENTOS8_RHSA-2019-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/145596", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:1259. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145596);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0757\",\n \"CVE-2019-0820\",\n \"CVE-2019-0980\",\n \"CVE-2019-0981\"\n );\n script_bugtraq_id(\n 107285,\n 108207,\n 108232,\n 108245\n );\n script_xref(name:\"RHSA\", value:\"2019:1259\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0326\");\n\n script_name(english:\"CentOS 8 : dotnet (CESA-2019:1259)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:1259 advisory.\n\n - dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n - dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820)\n\n - dotnet: infinite loop in Uri.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980)\n\n - dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1259\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0757\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet-host-fxr-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dotnet-sdk-2.1.5xx\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'dotnet-2.1.507-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-host-2.1.11-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-host-fxr-2.1-2.1.11-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-2.1-2.1.11-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1-2.1.507-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1.5xx-2.1.507-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet / dotnet-host / dotnet-host-fxr-2.1 / dotnet-runtime-2.1 / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:22:35", "description": "An update for dotnet is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nA new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507.\n\nSecurity Fix(es) :\n\n* dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n* dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820)\n\n* dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980)\n\n* dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471)", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-05-23T00:00:00", "type": "nessus", "title": "RHEL 8 : dotnet (RHSA-2019:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0757", "CVE-2019-0820", "CVE-2019-0980", "CVE-2019-0981"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dotnet", "p-cpe:/a:redhat:enterprise_linux:dotnet-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dotnet-debugsource", "p-cpe:/a:redhat:enterprise_linux:dotnet-host", "p-cpe:/a:redhat:enterprise_linux:dotnet-host-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx-debuginfo", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/125347", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1259. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125347);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-0757\", \"CVE-2019-0820\", \"CVE-2019-0980\", \"CVE-2019-0981\");\n script_xref(name:\"RHSA\", value:\"2019:1259\");\n\n script_name(english:\"RHEL 8 : dotnet (RHSA-2019:1259)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for dotnet is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\n.NET Core is a managed-software framework. It implements a subset of\nthe .NET framework APIs and several new APIs, and it includes a CLR\nimplementation.\n\nA new version of .NET Core that address security vulnerabilities is\nnow available. The updated version is .NET Core Runtime 2.1.11 and SDK\n2.1.507.\n\nSecurity Fix(es) :\n\n* dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n* dotnet: timeouts for regular expressions are not enforced\n(CVE-2019-0820)\n\n* dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core\nDenial of Service (CVE-2019-0980)\n\n* dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial\nof Service (CVE-2019-0981)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* dotnet: new\nSocketException((int)SocketError.InvalidArgument).Message is empty\n(BZ#1712471)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.11/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0981\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0757\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1259\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-2.1.507-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-debuginfo-2.1.507-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-debugsource-2.1.507-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-host-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-host-debuginfo-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-host-fxr-2.1-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-host-fxr-2.1-debuginfo-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-runtime-2.1-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-runtime-2.1-debuginfo-2.1.11-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-sdk-2.1-2.1.507-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-sdk-2.1.5xx-2.1.507-2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dotnet-sdk-2.1.5xx-debuginfo-2.1.507-2.el8_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dotnet / dotnet-debuginfo / dotnet-debugsource / dotnet-host / etc\");\n }\n}\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-04-11T23:04:53", "description": "A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-09T02:29:00", "type": "cve", "title": "CVE-2019-0757", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2022-04-11T20:36:00", "cpe": ["cpe:/a:microsoft:.net_core_sdk:1.1", "cpe:/a:microsoft:visual_studio_2017:-", "cpe:/o:redhat:enterprise_linux_eus:8.2", "cpe:/a:microsoft:nuget:4.7.2", "cpe:/o:redhat:enterprise_linux_server_tus:8.2", "cpe:/a:microsoft:nuget:4.3.1", "cpe:/a:microsoft:nuget:4.9.4", "cpe:/a:microsoft:.net_core_sdk:2.1.500", "cpe:/a:mono-project:mono_framework:5.18.0.223", "cpe:/o:redhat:enterprise_linux_server_aus:8.4", "cpe:/o:redhat:enterprise_linux_server_aus:8.2", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/a:microsoft:nuget:4.4.2", "cpe:/a:microsoft:nuget:4.6.3", "cpe:/a:microsoft:nuget:4.5.2", "cpe:/a:mono-project:mono_framework:5.20.0", "cpe:/o:redhat:enterprise_linux_server_tus:8.4", "cpe:/o:redhat:enterprise_linux_eus:8.1", "cpe:/o:redhat:enterprise_linux_eus:8.4", "cpe:/a:microsoft:.net_core_sdk:2.2.100", "cpe:/a:microsoft:nuget:4.8.2"], "id": "CVE-2019-0757", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0757", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:nuget:4.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core_sdk:2.1.500:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core_sdk:2.2.100:*:*:*:*:*:*:*", "cpe:2.3:a:mono-project:mono_framework:5.18.0.223:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core_sdk:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono-project:mono_framework:5.20.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.3.1:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2022-04-11T23:32:46", "description": ".NET Core is a managed-software framework. It implements the .NET standard APIs and several additional APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.15, 1.1.12, 2.1.9, and 2.2.3.\n\nSecurity Fix(es):\n\n* A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. (CVE-2019-0757)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more information, please refer to the upstream doc in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-13T13:39:24", "type": "redhat", "title": "(RHSA-2019:0544) Important: .NET Core on Red Hat Enterprise Linux security update for March 2019", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2019-03-13T13:49:47", "id": "RHSA-2019:0544", "href": "https://access.redhat.com/errata/RHSA-2019:0544", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-02-02T22:12:56", "description": ".NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nA new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Tampering Vulnerability (CVE-2019-0757)\n\n* dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820)\n\n* dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980)\n\n* dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-22T10:12:17", "type": "redhat", "title": "(RHSA-2019:1259) Important: dotnet security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757", "CVE-2019-0820", "CVE-2019-0980", "CVE-2019-0981"], "modified": "2019-05-22T10:16:28", "id": "RHSA-2019:1259", "href": "https://access.redhat.com/errata/RHSA-2019:1259", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:01:13", "description": "A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-09T02:29:00", "type": "debiancve", "title": "CVE-2019-0757", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2019-04-09T02:29:00", "id": "DEBIANCVE:CVE-2019-0757", "href": "https://security-tracker.debian.org/tracker/CVE-2019-0757", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:32:20", "description": "The host is installed with Visual Studio\n and is prone to tampering vulnerability.", "cvss3": {}, "published": "2019-03-14T00:00:00", "type": "openvas", "title": "Microsoft Visual Studio NuGet Package Manager Tampering Vulnerability-MACOSX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0757"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310815000", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815000", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:microsoft:visual_studio\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815000\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2019-0757\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-14 12:34:57 +0530 (Thu, 14 Mar 2019)\");\n script_name(\"Microsoft Visual Studio NuGet Package Manager Tampering Vulnerability-MACOSX\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Visual Studio\n and is prone to tampering vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an improper\n permissions on folders inside the NuGet packages folder structure.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n authenticated attacker to modify a NuGet package's folder structure. An attacker\n who successfully exploited this vulnerability could potentially modify files\n and folders that are unpackaged on a system.\");\n\n script_tag(name:\"affected\", value:\"Visual Studio 2017 prior to version 7.8.3.2 on MACOSX\");\n\n script_tag(name:\"solution\", value:\"Update Visual Studio to version Visual Studio 2017\n 7.8.0.1624 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-mac-relnotes\");\n script_xref(name:\"URL\", value:\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_visual_studio_detect_macosx.nasl\");\n script_mandatory_keys(\"VisualStudio/MacOSX/Version\");\n exit(0);\n}\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE) ) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"7.0\", test_version2:\"7.8.2.1\"))\n{\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Visual Studio 2017 7.8.3.2\", install_path: path);\n security_message(data: report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2020-06-05T16:27:24", "description": "The host is installed with .NET Core\n and is prone to tampering vulnerability.", "cvss3": {}, "published": "2019-03-13T00:00:00", "type": "openvas", "title": "Microsoft .NET Core NuGet Package Manager Tampering Vulnerability - Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0757"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310814698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814698", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:microsoft:.net_core\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814698\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0757\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 08:37:41 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft .NET Core NuGet Package Manager Tampering Vulnerability - Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with .NET Core\n and is prone to tampering vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an improper\n permissions on folders inside the NuGet packages folder structure.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an authenticated attacker to modify a NuGet package's folder structure.\n An attacker who successfully exploited this vulnerability could potentially\n modify files and folders that are unpackaged on a system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Core 1.0 before 1.0.15, 1.1 before 1.1.12, 2.1 before 2.1.9 and 2.2 before 2.2.3.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Microsoft .NET Core version 1.0.15 or 1.1.12\n or 2.1.9 or 2.2.3 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757\");\n script_xref(name:\"URL\", value:\"https://devblogs.microsoft.com/dotnet/net-core-march-2019\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_dotnet_core_runtime_detect_lin.nasl\");\n script_mandatory_keys(\"dotnet/core/runtime/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\n\ndot_ver = infos['version'];\ndot_path = infos['location'];\n\nif(version_in_range(version:dot_ver, test_version:\"1.0\", test_version2:\"1.0.14\")){\n fix = \"1.0.15\";\n}\nelse if(version_in_range(version:dot_ver, test_version:\"1.1\", test_version2:\"1.1.11\")){\n fix = \"1.1.12\";\n}\nelse if(version_in_range(version:dot_ver, test_version:\"2.1\", test_version2:\"2.1.8\")){\n fix = \"2.1.9\";\n}\nelse if(version_in_range(version:dot_ver, test_version:\"2.2\", test_version2:\"2.2.2\")){\n fix = \"2.2.3\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:dot_ver, fixed_version:fix, install_path:dot_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:41:23", "description": "A tampering vulnerability exists in the NuGet Package Manager for Linux and\nMac that could allow an authenticated attacker to modify a NuGet package's\nfolder structure, aka 'NuGet Package Manager Tampering Vulnerability'.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ebarretto](<https://launchpad.net/~ebarretto>) | < 4.3 are not affected\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-09T00:00:00", "type": "ubuntucve", "title": "CVE-2019-0757", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2019-04-09T00:00:00", "id": "UB:CVE-2019-0757", "href": "https://ubuntu.com/security/CVE-2019-0757", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "symantec": [{"lastseen": "2021-06-08T19:04:32", "description": "### Description\n\nMicrosoft NuGet is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions.\n\n### Technologies Affected\n\n * Microsoft .NET Core 1.0 \n * Microsoft .NET Core 1.1 \n * Microsoft .NET Core 2.1 \n * Microsoft .NET Core SDK 1.1 \n * Microsoft .NET Core SDK 2.1.500 \n * Microsoft NuGet 4.3.1 \n * Microsoft NuGet 4.4.2 \n * Microsoft NuGet 4.5.2 \n * Microsoft NuGet 4.6.3 \n * Microsoft NuGet 4.7.2 \n * Microsoft NuGet 4.8.2 \n * Microsoft NuGet 4.9.4 \n * Microsoft Visual Studio for Mac \n * Mono-Project Mono 5.18.0.223 \n * Mono-Project Mono 5.20.0 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "cvss3": {}, "published": "2019-03-12T00:00:00", "type": "symantec", "title": "Microsoft NuGet Package Manager CVE-2019-0757 Tampering Security Bypass Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-0757"], "modified": "2019-03-12T00:00:00", "id": "SMNTC-107285", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/107285", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-02-01T08:16:31", "description": "A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-02T02:53:41", "type": "redhatcve", "title": "CVE-2019-0757", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757"], "modified": "2023-02-01T05:37:36", "id": "RH:CVE-2019-0757", "href": "https://access.redhat.com/security/cve/cve-2019-0757", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "kaspersky": [{"lastseen": "2021-08-18T11:10:16", "description": "### *Microsoft official advisories*:\n\n\n### *Detect date*:\n03/12/2019\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.\n\n### *Affected products*:\nNuget 4.8.2 \nNuget 4.4.2 \nNuget 4.7.2 \nMono Framework Version 5.18.0.223 \n.NET Core SDK 2.1.500 \nNuget 4.3.1 \nNuget 4.9.4 \n.NET Core SDK 1.1 \nMono Framework Version 5.20.0 \nNuget 4.6.3 \nNuget 4.5.2 \nVisual Studio 2017 for Mac \n.NET Core SDK 2.2.100 \nTeam Foundation Server 2018 Update 3.2 \nMicrosoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) \nTeam Foundation Server 2018 Update 1.2 \nTeam Foundation Server 2017 Update 3.1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-0757](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0757>) \n[CVE-2019-0809](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0809>) \n[CVE-2019-0777](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0777>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Visual Studio](<https://threats.kaspersky.com/en/product/Microsoft-Visual-Studio/>)\n\n### *CVE-IDS*:\n[CVE-2019-0809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0809>)6.8High \n[CVE-2019-0777](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0777>)3.5Warning \n[CVE-2019-0757](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0757>)4.0Warning", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-12T00:00:00", "type": "kaspersky", "title": "KLA11433 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757", "CVE-2019-0777", "CVE-2019-0809"], "modified": "2020-07-22T00:00:00", "id": "KLA11433", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11433/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:37", "description": "[2.1.507-2]\n- Link against strerror_r correctly\n- Resolves: RHBZ#1712471\n[2.1.507-1]\n- Update to .NET Core Runtime 2.1.11 and SDK 2.1.507\n- Resolves: RHBZ#1710068\n[2.1.506-1]\n- Update to .NET Core Runtime 2.1.10 and SDK 2.1.506\n- Resolves: RHBZ#1696836", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-30T00:00:00", "type": "oraclelinux", "title": "dotnet security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0757", "CVE-2019-0820", "CVE-2019-0980", "CVE-2019-0981"], "modified": "2019-07-30T00:00:00", "id": "ELSA-2019-1259", "href": "http://linux.oracle.com/errata/ELSA-2019-1259.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "threatpost": [{"lastseen": "2020-02-15T11:44:46", "description": "Microsoft released patches for two Win32k bugs actively under attack, along with fixes for four additional bugs that are publicly known, as part of its March Patch Tuesday security bulletin. The Win32k bugs are both elevation of privilege vulnerabilities, rated important, and tied to the way Windows handles objects in memory.\n\n\u201cAn attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,\u201d wrote Microsoft in its security bulletin for both Win32k bugs ([CVE-2019-0797](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797>), [CVE-2019-0808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808>)).\n\nOne of the bugs being actively exploited was reported by Kaspersky Lab, while the other was reported by the Google Threat Analysis Group. News broke last week that two vulnerabilities \u2013 CVE-2019-0808 and a separate Google Chrome [CVE-2019-5786](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786>) \u2013 were being actively exploited in the wild together. Now all three zero-days have been patched.\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nThe four additional bugs, rated important, which are publicly known exploits ([CVE-2019-0683](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0683>), [CVE-2019-0754](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0754>), [CVE-2019-0757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757>) and [CVE-2019-0809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809>)), ranged from an Active Directory elevation of privilege vulnerability to a Windows denial of service vulnerability.\n\nThe most interesting of the above bugs is CVE-2019-0757 \u2013 a NuGet package manager tampering vulnerability. According to commentary by researchers at the Zero Day Initiative, the patch corrects a bug in the NuGet package manager that allows an attacker to modify a package\u2019s folder structure.\n\n\u201cIf successful, [an adversary] could modify files and folders that are unpackaged on a system,\u201d ZDI wrote. \u201cIf done silently, an attacker could potentially propagate their modified package to many unsuspecting users of the package manager. Fortunately, this requires authentication, which greatly reduces the chances of this occurring. This is one of the four publicly known bugs for this month, so if you\u2019re a NuGet user, definitely get this patch.\u201d\n\n## 17 Critical Bugs, Slayed\n\nIn all, Microsoft reported 64 unique bugs, 17 critical, 45 rated important, one moderate and one rated low in severity.\n\n\u201cThere are three Windows DHCP Client Remote Code Execution vulnerabilities with a 9.8 CVSS score in this month\u2019s release,\u201d wrote Satnam Narang, senior research engineer at Tenable in security brief. \u201cThis is the third straight month that Microsoft patched high severity bugs in either Windows DHCP Client or Windows DHCP Server, signaling increased attention on finding DHCP bugs.\u201d\n\nThose DHCP bugs ([CVE-2019-0697](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0697>), [CVE-2019-0698](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0698>), [CVE-2019-0726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0726>)) could allow attackers to execute their code in the DHCP client on affected systems.\n\n\u201cThese bugs are particularly impactful since they require no user interaction \u2013 an attacker send a specially crafted response to a client \u2013 and every OS has a DHCP client,\u201d wrote [Dustin Childs in a blog post on the ZDI](<https://www.zerodayinitiative.com/blog/2019/3/12/the-march-2019-security-update-review>). \u201cThere would likely need to be a man-in-the-middle component to properly execute an attack, but a successful exploit would have wide-ranging consequences.\u201d\n\n## Battling Bad Scripting\n\nThis month\u2019s critical and important bug fixes were dominated by code execution flaws impacting Microsoft\u2019s Edge and Internet Explorer browsers. A Chakra scripting engine memory corruption vulnerability ([CVE-2019-0592](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592>)) patched by Microsoft is typical.\n\nThe flaw (CVE-2019-0592) is tied to the way the Chakra JavaScript scripting engine handles objects in memory in Microsoft Edge. \u201cAn attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system,\u201d Microsoft wrote. The attack scenario includes a booby-trapped website where specially crafted content triggers the attack chain.\n\nOn Tuesday, Microsoft also include three advisories. Here they are verbatim:\n\n * [ADV190009](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190009>) announces SHA-2 Code Sign support for Windows 7 SP1 and Windows Server 2008 R2. This update will be [required](<https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus>) for any new patches released after July 2019. Older versions of WSUS should also be updated to distribute the new SHA-2 signed patches.\n * [ADV190005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190005>) gives guidance on sharing the same user account across multiple users. Microsoft discourages this behavior and considers it a major security risk.\n * [ADV190005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190005>) provides mitigations for a potential denial-of-service in http.sys when receiving HTTP/2 requests. The patch allows users to set a limit on how many SETTINGS parameters can be sent in a single request.\n\n**_Don\u2019t miss our free live _****_[Threatpost webinar](<https://attendee.gotowebinar.com/register/6499105876772027139?source=ART>)_****_, \u201cExploring the Top 15 Most Common Vulnerabilities with HackerOne and GitHub,\u201d on Wed., Mar 20, at 2:00 p.m. ET._**\n\n**_Vulnerability experts Michiel Prins, co-founder of webinar sponsor HackerOne, and Greg Ose, GitHub\u2019s application security engineering manager, will join Threatpost editor Tom Spring to discuss what vulnerability types are most common in today\u2019s software, and what kind of impact they would have on organizations if exploited._**\n", "cvss3": {}, "published": "2019-03-12T21:52:31", "type": "threatpost", "title": "Microsoft Patches Two Win32k Bugs Under Active Attack", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-0592", "CVE-2019-0683", "CVE-2019-0697", "CVE-2019-0698", "CVE-2019-0726", "CVE-2019-0754", "CVE-2019-0757", "CVE-2019-0797", "CVE-2019-0808", "CVE-2019-0809", "CVE-2019-5786"], "modified": "2019-03-12T21:52:31", "id": "THREATPOST:0C6C1B17AFD30FEDE0604F98C6C93413", "href": "https://threatpost.com/microsoft-patches-two-win32k-bugs-under-active-attack/142742/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2019-04-10T07:55:24", "description": "[![](https://4.bp.blogspot.com/-N7KuLtUvvXQ/XIfHXnKAXQI/AAAAAAAAFjI/trcN807FgdUskZ_UAx0dWuRlD5HpF9xeACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg)](<http://4.bp.blogspot.com/-N7KuLtUvvXQ/XIfHXnKAXQI/AAAAAAAAFjI/trcN807FgdUskZ_UAx0dWuRlD5HpF9xeACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>) \nMicrosoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated \u201ccritical,\u201d 45 that are considered \u201cimportant\u201d and one \u201cmoderate\u201d and \u201clow\u201d vulnerability each. This release also includes two critical advisories \u2014 one covering security updates to Adobe Flash Player and another concerning SHA-2. \n \nThis month\u2019s security update covers security issues in a variety of Microsoft\u2019s products, including the VBScript scripting engine, Dynamic Host Configuration Protocol and the Chakra scripting engine. For coverage of these vulnerabilities, read the SNORT\u24c7 blog post [here](<https://blog.snort.org/2019/03/snort-rule-update-for-march-12-2019.html>). \n\n\n### Critical vulnerabilities\n\nMicrosoft disclosed 17 critical vulnerabilities this month, all of which we will highlight below. \n \n[CVE-2019-0592](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592>) is a memory corruption vulnerability in the Chakra scripting engine that could allow an attacker to elevate their privileges. The bug lies in the way that the scripting engine handles objects in memory. In order to exploit this vulnerability, an attacker would need to trick a user into visiting a specially crafted, malicious web page in the Microsoft Edge web browser. \n \n[CVE-2019-0763](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0763>) is a remote code execution vulnerability that exists when the Internet Explorer web browser improperly handles objects in memory. An attacker could exploit this vulnerability by tricking a user into visiting a malicious web page while using Internet Explorer. \n \n[CVE-2019-0756](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0756>) is a remote code execution vulnerability in the Microsoft XML Core Services MSXML parser. An attacker can exploit this bug by tricking the user into opening a specially crafted website designed to invoke MSXML through a web browser. Eventually, the attacker would gain the ability to execute malicious code and take control of the user\u2019s system. \n \n[CVE-2019-0609](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609>), [CVE-2019-0639](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639>), [CVE-2019-0680](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0680>), [CVE-2019-0769](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769>), [CVE-2019-0770](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0770>), [CVE-2019-0771](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771>) and [CVE-2019-0773](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773>) are all memory corruption vulnerabilities in Microsoft\u2019s scripting engine that exist due to the way Microsoft Edge handles objects in memory. An attacker could exploit these bugs to corrupt memory in a way that would allow them to execute arbitrary code in the context of the current user. A user would trigger this vulnerability if they visited a specially crafted, malicious web page in Edge. \n \n[CVE-2019-0784](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784>) is a remote code execution vulnerability that exists due to the way ActiveX Data Objects (ADO) handle objects in memory. An attacker could exploit this bug by tricking a user into visiting a specially crafted, malicious web page in Internet Explorer. Alternatively, they could embed an ActiveX control marked \u201csafe for initialization\u201d in an application or Microsoft Office document that hosts the Internet Explorer rendering engine. \n \n[CVE-2019-0603](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0603>) is a remote code execution vulnerability in Windows Deployment Services TFTP Server. The bug lies in the way the server handles objects in memory. If an attacker were to exploit this vulnerability, they\u2019d gain the ability to execute arbitrary code with elevated permissions on a target system. \n \n[CVE-2019-0697](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0697>), [CVE-2019-0698](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0698>) and [CVE-2019-0726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0726>) are remote code execution vulnerabilities in the Windows DHCP client. The vulnerability triggers when the client receives specially crafted DHCP responses to a client, potentially allowing an attacker to execute arbitrary code on the target machine. \n \n[CVE-2019-0666](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0666>) and [CVE-2019-0667](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0667>) are vulnerabilities in the VBScript engine that exist due to the way the engine handles objects in memory. An attacker could use these bugs to corrupt memory in a way that would allow them to execute arbitrary code in the context of the current user. A user could trigger these vulnerabilities by visiting an attacker-created website through Internet Explorer. An attacker could also provide them with an embedded ActiveX control marked \u201csafe for initialization\u201d in an application or Microsoft Office document that hosts the Internet Explorer rendering engine. \n\n\n### Important vulnerabilities\n\nThis release also contains 45 important vulnerabilities: \n\n\n * [CVE-2019-0784](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784>)\n * [CVE-2019-0611](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611>)\n * [CVE-2019-0612](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0612>)\n * [CVE-2019-0614](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0614>)\n * [CVE-2019-0617](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0617>)\n * [CVE-2019-0665](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0665>)\n * [CVE-2019-0678](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0678>)\n * [CVE-2019-0682](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0682>)\n * [CVE-2019-0683](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0683>)\n * [CVE-2019-0689](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0689>)\n * [CVE-2019-0690](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0690>)\n * [CVE-2019-0692](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0692>)\n * [CVE-2019-0693](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0693>)\n * [CVE-2019-0694](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0694>)\n * [CVE-2019-0695](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0695>)\n * [CVE-2019-0696](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0696>)\n * [CVE-2019-0701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0701>)\n * [CVE-2019-0702](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0702>)\n * [CVE-2019-0703](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0703>)\n * [CVE-2019-0704](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0704>)\n * [CVE-2019-0746](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746>)\n * [CVE-2019-0748](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0748>)\n * [CVE-2019-0754](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0754>)\n * [CVE-2019-0755](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0755>)\n * [CVE-2019-0757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757>)\n * [CVE-2019-0759](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0759>)\n * [CVE-2019-0761](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0761>)\n * [CVE-2019-0762](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0762>)\n * [CVE-2019-0765](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0765>)\n * [CVE-2019-0766](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0766>)\n * [CVE-2019-0767](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0767>)\n * [CVE-2019-0768](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768>)\n * [CVE-2019-0772](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0772>)\n * [CVE-2019-0774](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774>)\n * [CVE-2019-0775](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0775>)\n * [CVE-2019-0776](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0776>)\n * [CVE-2019-0778](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778>)\n * [CVE-2019-0779](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0779>)\n * [CVE-2019-0780](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0780>)\n * [CVE-2019-0782](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782>)\n * [CVE-2019-0783](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783>)\n * [CVE-2019-0797](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797>)\n * [CVE-2019-0798](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798>)\n * [CVE-2019-0808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808>)\n * [CVE-2019-0809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809>)\n * [CVE-2019-0821](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821>)\n\n### Moderate\n\nThere was one moderate vulnerability in this release: [CVE-2019-0816](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816>), a security feature bypass vulnerability in Azure SSH Keypairs. \n\n\n### Low\n\nThe only low vulnerability in this release is [CVE-2019-0777](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0777>), a cross-site scripting vulnerability in Team Foundation. \n\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing the following SNORT\u24c7 rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort rules: [45142, 45143](<https://snort.org/advisories/600>), [46554, 46555](<https://snort.org/advisories/760>), [48051, 48052](<https://snort.org/advisories/609>), [49172, 49173, 49364 - 49369, 49371, 49372, 49378 - 49395, 49400 - 49403](<https://snort.org/advisories/760>) \n\n\n \n\n\n![](http://feeds.feedburner.com/~r/feedburner/Talos/~4/I_OWyHUhlnc)", "cvss3": {}, "published": "2019-03-12T11:00:00", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 March 2019: Vulnerability disclosures and Snort coverage", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-0592", "CVE-2019-0603", "CVE-2019-0609", "CVE-2019-0611", "CVE-2019-0612", "CVE-2019-0614", "CVE-2019-0617", "CVE-2019-0639", "CVE-2019-0665", "CVE-2019-0666", "CVE-2019-0667", "CVE-2019-0678", "CVE-2019-0680", "CVE-2019-0682", "CVE-2019-0683", "CVE-2019-0689", "CVE-2019-0690", "CVE-2019-0692", "CVE-2019-0693", "CVE-2019-0694", "CVE-2019-0695", "CVE-2019-0696", "CVE-2019-0697", "CVE-2019-0698", "CVE-2019-0701", "CVE-2019-0702", "CVE-2019-0703", "CVE-2019-0704", "CVE-2019-0726", "CVE-2019-0746", "CVE-2019-0748", "CVE-2019-0754", "CVE-2019-0755", "CVE-2019-0756", "CVE-2019-0757", "CVE-2019-0759", "CVE-2019-0761", "CVE-2019-0762", "CVE-2019-0763", "CVE-2019-0765", "CVE-2019-0766", "CVE-2019-0767", "CVE-2019-0768", "CVE-2019-0769", "CVE-2019-0770", "CVE-2019-0771", "CVE-2019-0772", "CVE-2019-0773", "CVE-2019-0774", "CVE-2019-0775", "CVE-2019-0776", "CVE-2019-0777", "CVE-2019-0778", "CVE-2019-0779", "CVE-2019-0780", "CVE-2019-0782", "CVE-2019-0783", "CVE-2019-0784", "CVE-2019-0797", "CVE-2019-0798", "CVE-2019-0808", "CVE-2019-0809", "CVE-2019-0816", "CVE-2019-0821"], "modified": "2019-03-12T18:00:13", "id": "TALOSBLOG:D9C5C0AB436B4386A2A294DC24E5D966", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/I_OWyHUhlnc/microsoft-patch-tuesday-march-2019.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}