ID AL2_ALAS-2020-1430.NASL Type nessus Reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2020-05-21T00:00:00
Description
unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)
unbound: insufficient control of network message volume leads to denial of service (CVE-2020-12662)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1430.
#
include("compat.inc");
# Metadata branch: when `description` is true the script only declares its
# attributes and leaves through exit(0); none of the host checks further down
# are reached from here.
if (description)
{
  # Plugin identity and revision.
  script_id(136753);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/26");

  # Cross-references: the two CVEs and the Amazon advisory they were taken from.
  script_cve_id("CVE-2020-12662", "CVE-2020-12663");
  script_xref(name:"ALAS", value:"2020-1430");

  script_name(english:"Amazon Linux 2 : unbound (ALAS-2020-1430)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(attribute:"synopsis", value:"The remote Amazon Linux 2 host is missing a security update.");

  # Multi-line literal: the line breaks are part of the attribute value, so the
  # continuation lines stay at column 0.
  script_set_attribute(attribute:"description", value:
"infinite loop via malformed DNS answers received from upstream servers
(CVE-2020-12663)
insufficient control of network message volume leads to DoS
(CVE-2020-12662)");

  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2020-1430.html");
  script_set_attribute(attribute:"solution", value:"Run 'yum update unbound' to update your system.");

  # Scoring. Both base vectors carry C:N/I:N and a non-zero A component, i.e.
  # the rated impact is availability only. The temporal vectors use E:U, which
  # matches the "No known exploits are available" attribute below.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  # "local" plugin type: the finding comes from package data, not from a
  # remote probe of the resolver.
  script_set_attribute(attribute:"plugin_type", value:"local");

  # One CPE per package covered by the advisory, then the OS CPE.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:unbound");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:unbound-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:unbound-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:unbound-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:unbound-python");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");

  # Timeline: disclosure, vendor patch, plugin release.
  script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/05/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  # The three required KB keys are the same ones the host check reads later.
  # NOTE(review): presumably ssh_get_info.nasl is what populates them; confirm
  # against that plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Host check. Everything below reads the scan knowledge base (KB) and calls
# helpers from the included .inc files; as far as this script shows, nothing
# is sent to the unbound service itself.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# Gate on the recorded release string: it must be present, non-empty and
# start with "AL" followed by "A" or a digit.
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release))
{
  audit(AUDIT_OS_NOT, "Amazon Linux");
}

rel_match = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(rel_match))
{
  audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
}

# Only release "2" is in scope for this advisory.
os_ver = rel_match[1];
if (os_ver != "2")
{
  # "A" is shown as "AMI" in the audit message.
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Reference builds from ALAS-2020-1430, one per package covered.
# NOTE(review): rpm_check() lives in rpm.inc; presumably it returns true when
# the installed package is older than the reference. Confirm there.
fixed_builds = make_list(
  "unbound-1.6.6-1.amzn2.0.3",
  "unbound-debuginfo-1.6.6-1.amzn2.0.3",
  "unbound-devel-1.6.6-1.amzn2.0.3",
  "unbound-libs-1.6.6-1.amzn2.0.3",
  "unbound-python-1.6.6-1.amzn2.0.3"
);

hits = 0;
foreach fixed_build (fixed_builds)
{
  if (rpm_check(release:"AL2", reference:fixed_build)) hits++;
}

if (hits)
{
  # At least one package matched: report it, with the per-package detail
  # from rpm_report_get() when verbosity allows.
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}

# Nothing flagged. This verdict is about package versions only; it does not
# show that a running unbound process was restarted onto the updated binary,
# so confirm that separately after patching.
checked = pkg_tests_get();
if (checked) audit(AUDIT_PACKAGE_NOT_AFFECTED, checked);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "unbound / unbound-debuginfo / unbound-devel / unbound-libs / etc");
{"id": "AL2_ALAS-2020-1430.NASL", "bulletinFamily": "scanner", "title": "Amazon Linux 2 : unbound (ALAS-2020-1430)", "description": "infinite loop via malformed DNS answers received from upstream servers\n(CVE-2020-12663)\n\ninsufficient control of network message volume leads to DoS\n(CVE-2020-12662)", "published": "2020-05-21T00:00:00", "modified": "2020-05-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/136753", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://alas.aws.amazon.com/AL2/ALAS-2020-1430.html"], "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "type": "nessus", "lastseen": "2020-05-31T17:02:01", "edition": 2, "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-12663", "CVE-2020-12662"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4694-1:73545"]}, {"type": "redhat", "idList": ["RHSA-2020:2642", "RHSA-2020:4181", "RHSA-2020:2419", "RHSA-2020:2418", "RHSA-2020:2416", "RHSA-2020:3194", "RHSA-2020:2640", "RHSA-2020:2414"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-2416", "ELSA-2020-2640", "ELSA-2020-2414"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310883248", "OPENVAS:1361412562310853241", "OPENVAS:1361412562310877871", "OPENVAS:1361412562310883256", "OPENVAS:1361412562310877874", "OPENVAS:1361412562310853244", "OPENVAS:1361412562310704694", "OPENVAS:1361412562310143940", "OPENVAS:1361412562310844446"]}, {"type": "archlinux", "idList": ["ASA-202005-14"]}, {"type": "centos", "idList": ["CESA-2020:2642", "CESA-2020:2414"]}, {"type": "ubuntu", "idList": ["USN-4374-1"]}, {"type": "amazon", "idList": ["ALAS-2020-1373", "ALAS2-2020-1463", "ALAS2-2020-1430"]}, {"type": "freebsd", "idList": ["A2CB7C31-9C79-11EA-A9C2-D05099C0AE8C"]}, {"type": "fedora", "idList": ["FEDORA:C558F604E908", "FEDORA:895F26075DA0"]}, {"type": "nessus", "idList": 
["ALA_ALAS-2020-1373.NASL", "ORACLELINUX_ELSA-2020-2640.NASL", "REDHAT-RHSA-2020-2419.NASL", "FEDORA_2020-8E9B62948E.NASL", "EULEROS_SA-2020-1933.NASL", "REDHAT-RHSA-2020-4181.NASL", "SL_20200609_UNBOUND_ON_SL7_X.NASL", "SL_20200622_UNBOUND_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2020-2416.NASL", "EULEROS_SA-2020-2454.NASL"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:9100A814D32D09030B2A8287AFAFD828"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0913-1", "OPENSUSE-SU-2020:0912-1"]}], "modified": "2020-05-31T17:02:01", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2020-05-31T17:02:01", "rev": 2}, "vulnersScore": 5.9}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1430.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136753);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/26\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"ALAS\", value:\"2020-1430\");\n\n script_name(english:\"Amazon Linux 2 : unbound (ALAS-2020-1430)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"infinite loop via malformed DNS answers received from upstream servers\n(CVE-2020-12663)\n\ninsufficient control of network message volume leads to DoS\n(CVE-2020-12662)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1430.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update unbound' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:unbound-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:unbound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:unbound-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:unbound-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"unbound-1.6.6-1.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"unbound-debuginfo-1.6.6-1.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"unbound-devel-1.6.6-1.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"unbound-libs-1.6.6-1.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"unbound-python-1.6.6-1.amzn2.0.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"unbound / unbound-debuginfo / unbound-devel / unbound-libs / etc\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "pluginID": "136753", "cpe": ["p-cpe:/a:amazon:linux:unbound-debuginfo", "p-cpe:/a:amazon:linux:unbound-devel", "cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:unbound-python", 
"p-cpe:/a:amazon:linux:unbound", "p-cpe:/a:amazon:linux:unbound-libs"], "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "scheme": null}
{"cve": [{"lastseen": "2020-12-09T22:03:06", "description": "Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an \"NXNSAttack\" issue. This is triggered by random subdomains in the NSDNAME in NS records.", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-19T14:15:00", "title": "CVE-2020-12662", "type": "cve", "cwe": ["CWE-674"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12662"], "modified": "2020-07-08T23:15:00", "cpe": [], "id": "CVE-2020-12662", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12662", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T22:03:06", "description": "Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.", "edition": 11, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-19T14:15:00", "title": "CVE-2020-12663", "type": "cve", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12663"], "modified": "2020-07-08T23:15:00", "cpe": [], "id": "CVE-2020-12663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12663", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}], "debian": [{"lastseen": "2020-08-12T01:10:34", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4694-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 26, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : unbound\nCVE ID : CVE-2020-12662 CVE-2020-12663\n\nTwo vulnerabiliites have been discovered in Unbound, a recursive-only\ncaching DNS server; a traffic amplification attack against third party\nauthoritative name servers (NXNSAttack) and insufficient sanitisation\nof replies from upstream servers could result in denial of service via\nan infinite loop.\n\nThe version of Unbound in the oldstable distribution (stretch) is\nno longer supported. 
If these security issues affect your setup, you\nshould upgrade to the stable distribution (buster).\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.9.0-2+deb10u2.\n\nWe recommend that you upgrade your unbound packages.\n\nFor the detailed security status of unbound please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/unbound\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2020-05-26T21:26:23", "published": "2020-05-26T21:26:23", "id": "DEBIAN:DSA-4694-1:73545", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00098.html", "title": "[SECURITY] [DSA 4694-1] unbound security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2020-10-07T18:05:07", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. 
\n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-06T14:09:02", "published": "2020-10-06T13:53:56", "id": "RHSA-2020:4181", "href": "https://access.redhat.com/errata/RHSA-2020:4181", "type": "redhat", "title": "(RHSA-2020:4181) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-22T07:53:28", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-22T10:55:12", "published": "2020-06-22T10:27:28", "id": "RHSA-2020:2640", "href": "https://access.redhat.com/errata/RHSA-2020:2640", "type": "redhat", "title": "(RHSA-2020:2640) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-08T11:52:20", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. 
\n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-08T14:16:00", "published": "2020-06-08T14:03:18", "id": "RHSA-2020:2419", "href": "https://access.redhat.com/errata/RHSA-2020:2419", "type": "redhat", "title": "(RHSA-2020:2419) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-08T09:51:24", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-08T13:24:29", "published": "2020-06-08T13:03:29", "id": "RHSA-2020:2416", "href": "https://access.redhat.com/errata/RHSA-2020:2416", "type": "redhat", "title": "(RHSA-2020:2416) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-08T11:52:21", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. 
\n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-08T14:10:51", "published": "2020-06-08T14:03:15", "id": "RHSA-2020:2418", "href": "https://access.redhat.com/errata/RHSA-2020:2418", "type": "redhat", "title": "(RHSA-2020:2418) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-08T07:50:53", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-08T11:43:47", "published": "2020-06-08T11:19:48", "id": "RHSA-2020:2414", "href": "https://access.redhat.com/errata/RHSA-2020:2414", "type": "redhat", "title": "(RHSA-2020:2414) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-22T09:53:25", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10772", "CVE-2020-12662"], "description": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. 
\n\nSecurity Fix(es):\n\n* unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-22T13:38:21", "published": "2020-06-22T10:50:56", "id": "RHSA-2020:2642", "href": "https://access.redhat.com/errata/RHSA-2020:2642", "type": "redhat", "title": "(RHSA-2020:2642) Important: unbound security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-28T20:03:39", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14404", "CVE-2018-18074", "CVE-2018-19519", "CVE-2018-20060", "CVE-2018-20337", "CVE-2018-20852", "CVE-2018-7263", "CVE-2018-9251", "CVE-2019-1010180", "CVE-2019-1010204", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-13232", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-14563", "CVE-2019-14822", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-15847", "CVE-2019-16056", "CVE-2019-17451", "CVE-2019-19126", "CVE-2019-19232", "CVE-2019-19807", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19959", "CVE-2019-3016", "CVE-2019-3825", "CVE-2019-5094", "CVE-2019-5436", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2020-10749", "CVE-2020-10754", "CVE-2020-10757", "CVE-2020-10766", "CVE-2020-10767", "CVE-2020-10768", "CVE-2020-11008", "CVE-2020-11080", "CVE-2020-12049", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12662", "CVE-2020-12663", "CVE-2020-12888", "CVE-2020-13777", "CVE-2020-14316", "CVE-2020-8616", "CVE-2020-8617"], "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nSecurity Fix(es):\n\n* kubevirt: VMIs can be used to access host files (CVE-2020-14316)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM 
attacks on IPv4 clusters (CVE-2020-10749)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements.\n\nThis advisory contains the following OpenShift Virtualization 2.4.0 images:\n\nRHEL-7-CNV-2.4\n==============\nkubevirt-ssp-operator-container-v2.4.0-71\n\nRHEL-8-CNV-2.4\n==============\nvirt-cdi-controller-container-v2.4.0-29\nvirt-cdi-uploadproxy-container-v2.4.0-29\nhostpath-provisioner-container-v2.4.0-25\nvirt-cdi-operator-container-v2.4.0-29\nkubevirt-metrics-collector-container-v2.4.0-18\ncnv-containernetworking-plugins-container-v2.4.0-36\nkubevirt-kvm-info-nfd-plugin-container-v2.4.0-18\nhostpath-provisioner-operator-container-v2.4.0-31\nvirt-cdi-uploadserver-container-v2.4.0-29\nvirt-cdi-apiserver-container-v2.4.0-29\nvirt-controller-container-v2.4.0-58\nvirt-cdi-cloner-container-v2.4.0-29\nkubevirt-template-validator-container-v2.4.0-21\nvm-import-operator-container-v2.4.0-21\nkubernetes-nmstate-handler-container-v2.4.0-37\nnode-maintenance-operator-container-v2.4.0-27\nvirt-operator-container-v2.4.0-58\nkubevirt-v2v-conversion-container-v2.4.0-23\ncnv-must-gather-container-v2.4.0-73\nvirtio-win-container-v2.4.0-15\nkubevirt-cpu-node-labeller-container-v2.4.0-19\novs-cni-plugin-container-v2.4.0-37\nkubevirt-vmware-container-v2.4.0-21\nhyperconverged-cluster-operator-container-v2.4.0-70\nvirt-handler-container-v2.4.0-58\nvirt-cdi-importer-container-v2.4.0-29\nvirt-launcher-container-v2.4.0-58\nkubevirt-cpu-model-nfd-plugin-container-v2.4.0-17\nvirt-api-container-v2.4.0-58\novs-cni-marker-container-v2.4.0-38\nkubemacpool-container-v2.4.0-39\ncluster-network-addons-operator-container-v2.4.0-38\nbridge-marker-container-v2.4.0-39\nvm-import-controller-container-v2.4.0-21\nhco-bundle-registry-container-v2.3.0-497", "modified": 
"2020-07-28T22:06:05", "published": "2020-07-28T22:02:45", "id": "RHSA-2020:3194", "href": "https://access.redhat.com/errata/RHSA-2020:3194", "type": "redhat", "title": "(RHSA-2020:3194) Important: Container-native Virtualization security, bug fix, and enhancement update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-06-09T09:31:23", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "[1.7.3-11]\n- Fix amplifying an incoming query into a large number of queries directed to a target\n- Resolves: rhbz#1839177 (CVE-2020-12662), rhbz#1840262 (CVE-2020-12663)", "edition": 1, "modified": "2020-06-08T00:00:00", "published": "2020-06-08T00:00:00", "id": "ELSA-2020-2416", "href": "http://linux.oracle.com/errata/ELSA-2020-2416.html", "title": "unbound security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-23T11:33:33", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "[1.4.20-29.1]\n- Fix segfault in unbound-1.4.20-amplifying-an-incoming-query.patch\n- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)\n[1.4.20-28.1]\n- Fix unbound-1.4.20-amplifying-an-incoming-query.patch patch so it won't produce compiler warnings\n- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)\n[1.4.20-27.1]\n- Fix amplifying an incoming query into a large number of queries directed to a target\n- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)\n[1.4.20-26.1]\n- Resolves: #1655929 - Unbound crashed when running 'unbound-control log_reopen'", "edition": 1, "modified": "2020-06-23T00:00:00", "published": "2020-06-23T00:00:00", "id": "ELSA-2020-2640", "href": "http://linux.oracle.com/errata/ELSA-2020-2640.html", "title": "unbound security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, 
{"lastseen": "2020-06-09T11:22:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "[1.6.6-4]\n- Fix amplifying an incoming query into a large number of queries directed to a target\n- Resolves: rhbz#1839172 (CVE-2020-12662), rhbz#1840258 (CVE-2020-12663)", "edition": 2, "modified": "2020-06-09T00:00:00", "published": "2020-06-09T00:00:00", "id": "ELSA-2020-2414", "href": "http://linux.oracle.com/errata/ELSA-2020-2414.html", "title": "unbound security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-06-03T15:38:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310877874", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877874", "type": "openvas", "title": "Fedora: Security Advisory for unbound (FEDORA-2020-3cfd38fefd)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877874\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:28:54 +0000 (Fri, 29 May 2020)\");\n script_name(\"Fedora: Security Advisory for unbound (FEDORA-2020-3cfd38fefd)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-3cfd38fefd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5NFROI2OMCZLYRTCNGHGO3TUD32LCIQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the FEDORA-2020-3cfd38fefd advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unbound is a validating, recursive, and caching DNS(SEC) resolver.\n\nThe C implementation of Unbound is developed and maintained by NLnet\nLabs. 
It is based on ideas and algorithms taken from a java prototype\n\nUnbound is designed as a set of modular components, so that also\nDNSSEC (secure DNS) validation and stub-resolvers (that do not run\nas a server, but are linked into an application) are easily possible.\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.10.1~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-03T15:39:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310877871", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877871", "type": "openvas", "title": "Fedora: Security Advisory for unbound (FEDORA-2020-8e9b62948e)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your 
option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877871\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:28:50 +0000 (Fri, 29 May 2020)\");\n script_name(\"Fedora: Security Advisory for unbound (FEDORA-2020-8e9b62948e)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-8e9b62948e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJ42N2HBZ3DXMSEC56SWIIOFQGOS5M7I\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the FEDORA-2020-8e9b62948e advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unbound is a validating, recursive, and caching DNS(SEC) resolver.\n\nThe C 
implementation of Unbound is developed and maintained by NLnet\nLabs. It is based on ideas and algorithms taken from a java prototype\n\nUnbound is designed as a set of modular components, so that also\nDNSSEC (secure DNS) validation and stub-resolvers (that do not run\nas a server, but are linked into an application) are easily possible.\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.10.1~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-28T13:54:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-05-28T00:00:00", "published": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310704694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704694", "type": "openvas", "title": "Debian: Security Advisory for unbound (DSA-4694-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software 
Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704694\");\n script_version(\"2020-05-28T03:00:07+0000\");\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-28 03:00:07 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 03:00:07 +0000 (Thu, 28 May 2020)\");\n script_name(\"Debian: Security Advisory for unbound (DSA-4694-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4694.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4694-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the DSA-4694-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Two vulnerabilities have been discovered in Unbound, a 
recursive-only\ncaching DNS server, a traffic amplification attack against third party\nauthoritative name servers (NXNSAttack) and insufficient sanitisation\nof replies from upstream servers could result in denial of service via\nan infinite loop.\n\nThe version of Unbound in the oldstable distribution (stretch) is\nno longer supported. If these security issues affect your setup, you\nshould upgrade to the stable distribution (buster).\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 1.9.0-2+deb10u2.\n\nWe recommend that you upgrade your unbound packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libunbound-dev\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libunbound8\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-unbound\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-unbound\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"unbound\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"unbound-anchor\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"unbound-host\", ver:\"1.9.0-2+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-26T15:21:27", "bulletinFamily": 
"scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "Unbound DNS Resolver is prone to multiple vulnerabilities.", "modified": "2020-05-25T00:00:00", "published": "2020-05-20T00:00:00", "id": "OPENVAS:1361412562310143940", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143940", "type": "openvas", "title": "Unbound DNS Resolver < 1.10.1 Multiple Vulnerabilities", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:nlnetlabs:unbound\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143940\");\n script_version(\"2020-05-25T07:05:32+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-25 07:05:32 +0000 (Mon, 25 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-20 02:43:01 +0000 (Wed, 20 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Unbound DNS Resolver < 1.10.1 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"unbound_version.nasl\");\n script_mandatory_keys(\"unbound/installed\");\n\n script_tag(name:\"summary\", value:\"Unbound DNS Resolver is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Unbound DNS Resolver is prone to multiple vulnerabilities:\n\n - Unbound can be tricked into amplifying an incoming query into a large number of queries directed to a\n target (CVE-2020-12662)\n\n - Malformed answers from upstream name servers can be used to make Unbound unresponsive (CVE-2020-12663)\");\n\n script_tag(name:\"affected\", value:\"Unbound DNS Resolver version 1.10.0 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.10.1 or later.\");\n\n 
script_xref(name:\"URL\", value:\"https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_proto(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif (version_is_less(version: version, test_version: \"1.10.1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.10.1\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-15T15:56:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-06-12T00:00:00", "published": "2020-06-10T00:00:00", "id": "OPENVAS:1361412562310883248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883248", "type": "openvas", "title": "CentOS: Security Advisory for unbound (CESA-2020:2414)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883248\");\n script_version(\"2020-06-12T07:11:22+0000\");\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-12 07:11:22 +0000 (Fri, 12 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-10 03:02:19 +0000 (Wed, 10 Jun 2020)\");\n script_name(\"CentOS: Security Advisory for unbound (CESA-2020:2414)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2020:2414\");\n script_xref(name:\"URL\", value:\"https://lists.centos.org/pipermail/centos-announce/2020-June/035751.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the CESA-2020:2414 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The unbound packages provide a validating, recursive, and caching DNS or\nDNSSEC resolver.\n\nSecurity Fix(es):\n\n * unbound: amplification of an incoming query into a large number of\nqueries directed to a target (CVE-2020-12662)\n\n * unbound: infinite loop via malformed DNS answers received from upstream\nservers (CVE-2020-12663)\n\nFor more details about the 
security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.6.6~4.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.6.6~4.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-libs\", rpm:\"unbound-libs~1.6.6~4.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python\", rpm:\"unbound-python~1.6.6~4.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-03T15:51:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310844446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844446", "type": "openvas", "title": "Ubuntu: Security Advisory for unbound (USN-4374-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right 
holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844446\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 03:00:19 +0000 (Thu, 28 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for unbound (USN-4374-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU20\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4374-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005450.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the 
USN-4374-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound\nincorrectly handled certain queries. A remote attacker could use this issue\nto perform an amplification attack directed at a target. (CVE-2020-12662)\n\nIt was discovered that Unbound incorrectly handled certain malformed\nanswers. A remote attacker could possibly use this issue to cause Unbound\nto crash, resulting in a denial of service. (CVE-2020-12663)\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libunbound8\", ver:\"1.9.0-2ubuntu1.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"unbound\", ver:\"1.9.0-2ubuntu1.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libunbound2\", ver:\"1.6.7-1ubuntu2.3\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"unbound\", ver:\"1.6.7-1ubuntu2.3\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = 
isdpkgvuln(pkg:\"libunbound8\", ver:\"1.9.4-2ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"unbound\", ver:\"1.9.4-2ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:28:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18934", "CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-06-30T00:00:00", "published": "2020-06-30T00:00:00", "id": "OPENVAS:1361412562310853241", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853241", "type": "openvas", "title": "openSUSE: Security Advisory for unbound (openSUSE-SU-2020:0912-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853241\");\n script_version(\"2020-06-30T06:18:22+0000\");\n script_cve_id(\"CVE-2019-18934\", \"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-30 06:18:22 +0000 (Tue, 30 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-30 03:00:50 +0000 (Tue, 30 Jun 2020)\");\n script_name(\"openSUSE: Security Advisory for unbound (openSUSE-SU-2020:0912-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0912-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the openSUSE-SU-2020:0912-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for unbound fixes the following issues:\n\n - CVE-2020-12662: Fixed an issue where unbound could have been tricked\n into amplifying an incoming query into a large number of queries\n directed to a target (bsc#1171889).\n\n - CVE-2020-12663: Fixed an issue where malformed answers from upstream\n name 
servers could have been used to make unbound unresponsive\n (bsc#1171889).\n\n - CVE-2019-18934: Fixed a vulnerability in the IPSec module which could\n have allowed code execution after receiving a specially crafted answer\n (bsc#1157268).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-912=1\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini\", rpm:\"libunbound-devel-mini~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini-debuginfo\", rpm:\"libunbound-devel-mini-debuginfo~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini-debugsource\", rpm:\"libunbound-devel-mini-debugsource~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-munin\", rpm:\"unbound-munin~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound2\", rpm:\"libunbound2~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = 
isrpmvuln(pkg:\"libunbound2-debuginfo\", rpm:\"libunbound2-debuginfo~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-anchor\", rpm:\"unbound-anchor~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-anchor-debuginfo\", rpm:\"unbound-anchor-debuginfo~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-debuginfo\", rpm:\"unbound-debuginfo~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-debugsource\", rpm:\"unbound-debugsource~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python\", rpm:\"unbound-python~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python-debuginfo\", rpm:\"unbound-python-debuginfo~1.6.8~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-21T19:30:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18934", "CVE-2020-12662", "CVE-2020-12663"], "description": "The remote host is missing an update for the ", "modified": "2020-06-30T00:00:00", "published": "2020-06-30T00:00:00", "id": "OPENVAS:1361412562310853244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853244", "type": "openvas", "title": "openSUSE: Security Advisory for 
unbound (openSUSE-SU-2020:0913-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853244\");\n script_version(\"2020-06-30T06:18:22+0000\");\n script_cve_id(\"CVE-2019-18934\", \"CVE-2020-12662\", \"CVE-2020-12663\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-30 06:18:22 +0000 (Tue, 30 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-30 03:00:57 +0000 (Tue, 30 Jun 2020)\");\n script_name(\"openSUSE: Security Advisory for unbound (openSUSE-SU-2020:0913-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.2\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0913-1\");\n 
script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the openSUSE-SU-2020:0913-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for unbound fixes the following issues:\n\n - CVE-2020-12662: Fixed an issue where unbound could have been tricked\n into amplifying an incoming query into a large number of queries\n directed to a target (bsc#1171889).\n\n - CVE-2020-12663: Fixed an issue where malformed answers from upstream\n name servers could have been used to make unbound unresponsive\n (bsc#1171889).\n\n - CVE-2019-18934: Fixed a vulnerability in the IPSec module which could\n have allowed code execution after receiving a special crafted answer\n (bsc#1157268).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-913=1\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on openSUSE Leap 15.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini\", rpm:\"libunbound-devel-mini~1.6.8~lp152.9.3.1\", 
rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini-debuginfo\", rpm:\"libunbound-devel-mini-debuginfo~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound-devel-mini-debugsource\", rpm:\"libunbound-devel-mini-debugsource~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-munin\", rpm:\"unbound-munin~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound2\", rpm:\"libunbound2~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libunbound2-debuginfo\", rpm:\"libunbound2-debuginfo~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-anchor\", rpm:\"unbound-anchor~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-anchor-debuginfo\", rpm:\"unbound-anchor-debuginfo~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-debuginfo\", rpm:\"unbound-debuginfo~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-debugsource\", rpm:\"unbound-debugsource~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python\", rpm:\"unbound-python~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python-debuginfo\", 
rpm:\"unbound-python-debuginfo~1.6.8~lp152.9.3.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-21T20:05:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-10772"], "description": "The remote host is missing an update for the ", "modified": "2020-06-30T00:00:00", "published": "2020-06-24T00:00:00", "id": "OPENVAS:1361412562310883256", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883256", "type": "openvas", "title": "CentOS: Security Advisory for unbound (CESA-2020:2642)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883256\");\n script_version(\"2020-06-30T06:18:22+0000\");\n script_cve_id(\"CVE-2020-10772\", \"CVE-2020-12662\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-30 06:18:22 +0000 (Tue, 30 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-24 03:01:15 +0000 (Wed, 24 Jun 2020)\");\n script_name(\"CentOS: Security Advisory for unbound (CESA-2020:2642)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2020:2642\");\n script_xref(name:\"URL\", value:\"https://lists.centos.org/pipermail/centos-announce/2020-June/035766.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unbound'\n package(s) announced via the CESA-2020:2642 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The unbound packages provide a validating, recursive, and caching DNS or\nDNSSEC resolver.\n\nSecurity Fix(es):\n\n * unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References 
section.\");\n\n script_tag(name:\"affected\", value:\"'unbound' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound\", rpm:\"unbound~1.6.6~5.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-devel\", rpm:\"unbound-devel~1.6.6~5.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-libs\", rpm:\"unbound-libs~1.6.6~5.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"unbound-python\", rpm:\"unbound-python~1.6.6~5.el7_8\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:39", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "Arch Linux Security Advisory ASA-202005-14\n==========================================\n\nSeverity: High\nDate : 2020-05-20\nCVE-ID : CVE-2020-12662 CVE-2020-12663\nPackage : unbound\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1164\n\nSummary\n=======\n\nThe package unbound before version 1.10.1-1 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 1.10.1-1.\n\n# pacman -Syu \"unbound>=1.10.1-1\"\n\nThe problems have been fixed upstream in version 1.10.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2020-12662 (denial of service)\n\nAn issue has 
been found in unbound before 1.10.1, that makes it\npossible to have a single incoming query result in a large number of\noutgoing queries. This amplification makes it possible for Unbound to\nbe used in a denial of service attack. The researchers discovering this\ncalled this attack the NXNSattack. This attack makes use of cache\nbypassing using random subdomains in the NSDNAME in NS records. When\nthese delegation records are received during iteration, and the answer\ndoes not contain glue records, a resolver has to send out a query to\nget the IP address for one of the names. When this query fails (for\nexample because the random name does not exist) a resolver will try the\nnext one. A large set of NS records with random names can result in a\nlarge number of outgoing queries going to the same target.\n\n- CVE-2020-12663 (denial of service)\n\nA security issue has been found in Unbound before 1.10.1, in the\nparser of received answers. Malformed answers received from upstream\nservers can result in Unbound entering an infinite loop and thereby\nbecoming unresponsive.\n\nImpact\n======\n\nA remote attacker can use the recursor as an amplification vector to\ncause a denial of service via a crafted reply. 
In addition, a remote\nattacker can crash the application via a crafted request.\n\nReferences\n==========\n\nhttps://nlnetlabs.nl/projects/unbound/security-advisories/\nhttps://nlnetlabs.nl/downloads/unbound/patch_cve_2020-12662_2020-12663.diff\nhttp://www.nxnsattack.com/\nhttps://security.archlinux.org/CVE-2020-12662\nhttps://security.archlinux.org/CVE-2020-12663", "modified": "2020-05-20T00:00:00", "published": "2020-05-20T00:00:00", "id": "ASA-202005-14", "href": "https://security.archlinux.org/ASA-202005-14", "type": "archlinux", "title": "[ASA-202005-14] unbound: denial of service", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "**CentOS Errata and Security Advisory** CESA-2020:2414\n\n\nThe unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2020-June/035750.html\nhttp://lists.centos.org/pipermail/centos-announce/2020-June/048084.html\n\n**Affected packages:**\nunbound\nunbound-devel\nunbound-libs\nunbound-python\n\n**Upstream details at:**\n", "edition": 2, "modified": "2020-06-09T17:13:01", "published": "2020-06-09T15:58:30", "id": "CESA-2020:2414", "href": "http://lists.centos.org/pipermail/centos-announce/2020-June/035750.html", "title": "unbound security update", "type": "centos", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-23T23:26:51", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-10772"], "description": "**CentOS Errata and Security Advisory** CESA-2020:2642\n\n\nThe unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2020-June/035766.html\n\n**Affected packages:**\nunbound\nunbound-devel\nunbound-libs\nunbound-python\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-06-23T19:42:44", "published": "2020-06-23T19:42:44", "id": "CESA-2020:2642", "href": "http://lists.centos.org/pipermail/centos-announce/2020-June/035766.html", "title": "unbound security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound \nincorrectly handled certain queries. A remote attacker could use this issue \nto perform an amplification attack directed at a target. (CVE-2020-12662)\n\nIt was discovered that Unbound incorrectly handled certain malformed \nanswers. A remote attacker could possibly use this issue to cause Unbound \nto crash, resulting in a denial of service. 
(CVE-2020-12663)", "edition": 2, "modified": "2020-05-27T00:00:00", "published": "2020-05-27T00:00:00", "id": "USN-4374-1", "href": "https://ubuntu.com/security/notices/USN-4374-1", "title": "Unbound vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:35:45", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "**Issue Overview:**\n\nA network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive resolver or authoritative name server.([CVE-2020-12662 __](<https://access.redhat.com/security/cve/CVE-2020-12662>))\n\nUnbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.([CVE-2020-12663 __](<https://access.redhat.com/security/cve/CVE-2020-12663>))\n\n \n**Affected Packages:** \n\n\nunbound\n\n \n**Issue Correction:** \nRun _yum update unbound_ to update your system. 
\n\n\n \n\n\n**New Packages:**\n \n \n i686: \n unbound-1.6.6-1.5.amzn1.i686 \n unbound-libs-1.6.6-1.5.amzn1.i686 \n unbound-debuginfo-1.6.6-1.5.amzn1.i686 \n unbound-devel-1.6.6-1.5.amzn1.i686 \n unbound-python-1.6.6-1.5.amzn1.i686 \n \n src: \n unbound-1.6.6-1.5.amzn1.src \n \n x86_64: \n unbound-devel-1.6.6-1.5.amzn1.x86_64 \n unbound-debuginfo-1.6.6-1.5.amzn1.x86_64 \n unbound-libs-1.6.6-1.5.amzn1.x86_64 \n unbound-python-1.6.6-1.5.amzn1.x86_64 \n unbound-1.6.6-1.5.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2020-05-22T20:58:00", "published": "2020-05-22T20:58:00", "id": "ALAS-2020-1373", "href": "https://alas.aws.amazon.com/ALAS-2020-1373.html", "title": "Important: unbound", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-10T12:34:50", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "**Issue Overview:**\n\ninfinite loop via malformed DNS answers received from upstream servers ([CVE-2020-12663 __](<https://access.redhat.com/security/cve/CVE-2020-12663>))\n\n \ninsufficient control of network message volume leads to DoS ([CVE-2020-12662 __](<https://access.redhat.com/security/cve/CVE-2020-12662>)) \n\n\n \n**Affected Packages:** \n\n\nunbound\n\n \n**Issue Correction:** \nRun _yum update unbound_ to update your system. 
\n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n unbound-1.6.6-1.amzn2.0.3.aarch64 \n unbound-devel-1.6.6-1.amzn2.0.3.aarch64 \n unbound-libs-1.6.6-1.amzn2.0.3.aarch64 \n unbound-python-1.6.6-1.amzn2.0.3.aarch64 \n unbound-debuginfo-1.6.6-1.amzn2.0.3.aarch64 \n \n i686: \n unbound-1.6.6-1.amzn2.0.3.i686 \n unbound-devel-1.6.6-1.amzn2.0.3.i686 \n unbound-libs-1.6.6-1.amzn2.0.3.i686 \n unbound-python-1.6.6-1.amzn2.0.3.i686 \n unbound-debuginfo-1.6.6-1.amzn2.0.3.i686 \n \n src: \n unbound-1.6.6-1.amzn2.0.3.src \n \n x86_64: \n unbound-1.6.6-1.amzn2.0.3.x86_64 \n unbound-devel-1.6.6-1.amzn2.0.3.x86_64 \n unbound-libs-1.6.6-1.amzn2.0.3.x86_64 \n unbound-python-1.6.6-1.amzn2.0.3.x86_64 \n unbound-debuginfo-1.6.6-1.amzn2.0.3.x86_64 \n \n \n", "edition": 1, "modified": "2020-05-19T18:32:00", "published": "2020-05-19T18:32:00", "id": "ALAS2-2020-1430", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1430.html", "title": "Important: unbound", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-10T12:37:30", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-10772"], "description": "**Issue Overview:**\n\nAn incomplete fix for [CVE-2020-12662 __](<https://access.redhat.com/security/cve/CVE-2020-12662>) was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum [RHSA-2020-2414 __](<https://rhn.redhat.com/errata/RHSA-2020-2414.html>). Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned erratum. This issue is about the incomplete fix for [CVE-2020-12662 __](<https://access.redhat.com/security/cve/CVE-2020-12662>), and it does not affect upstream versions of Unbound. 
([CVE-2020-10772 __](<https://access.redhat.com/security/cve/CVE-2020-10772>))\n\n \n**Affected Packages:** \n\n\nunbound\n\n \n**Issue Correction:** \nRun _yum update unbound_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n unbound-1.6.6-5.amzn2.aarch64 \n unbound-devel-1.6.6-5.amzn2.aarch64 \n unbound-libs-1.6.6-5.amzn2.aarch64 \n unbound-python-1.6.6-5.amzn2.aarch64 \n unbound-debuginfo-1.6.6-5.amzn2.aarch64 \n \n i686: \n unbound-1.6.6-5.amzn2.i686 \n unbound-devel-1.6.6-5.amzn2.i686 \n unbound-libs-1.6.6-5.amzn2.i686 \n unbound-python-1.6.6-5.amzn2.i686 \n unbound-debuginfo-1.6.6-5.amzn2.i686 \n \n src: \n unbound-1.6.6-5.amzn2.src \n \n x86_64: \n unbound-1.6.6-5.amzn2.x86_64 \n unbound-devel-1.6.6-5.amzn2.x86_64 \n unbound-libs-1.6.6-5.amzn2.x86_64 \n unbound-python-1.6.6-5.amzn2.x86_64 \n unbound-debuginfo-1.6.6-5.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2020-07-14T02:51:00", "published": "2020-07-14T02:51:00", "id": "ALAS2-2020-1463", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1463.html", "title": "Important: unbound", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2020-07-10T09:25:09", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "\nNLNetLabs reports:\n\nThis release fixes CVE-2020-12662 and CVE-2020-12663.\nBug Fixes:\n\nCVE-2020-12662 Unbound can be tricked into\n\t amplifying an incoming query into a large\n\t number of queries directed to a target.\nCVE-2020-12663 Malformed answers from\n\t upstream name servers can be used to make\n\t Unbound unresponsive.\n\n\n", "edition": 3, "modified": "2020-07-10T00:00:00", "published": "2020-05-19T00:00:00", "id": "A2CB7C31-9C79-11EA-A9C2-D05099C0AE8C", "href": "https://vuxml.freebsd.org/freebsd/a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c.html", "title": "unbound -- mutliple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "Unbound is a validating, recursive, and caching DNS(SEC) resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible. ", "modified": "2020-05-24T03:30:06", "published": "2020-05-24T03:30:06", "id": "FEDORA:C558F604E908", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: unbound-1.10.1-1.fc32", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "Unbound is a validating, recursive, and caching DNS(SEC) resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible. 
", "modified": "2020-05-28T02:01:05", "published": "2020-05-28T02:01:05", "id": "FEDORA:895F26075DA0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: unbound-1.10.1-1.fc31", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2020-11-19T05:31:33", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2418 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-08T00:00:00", "title": "RHEL 8 : unbound (RHSA-2020:2418)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-06-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:unbound-debugsource", "p-cpe:/a:redhat:enterprise_linux:unbound-devel", "p-cpe:/a:redhat:enterprise_linux:unbound", "p-cpe:/a:redhat:enterprise_linux:unbound-libs", "p-cpe:/a:redhat:enterprise_linux:python3-unbound", "cpe:/a:redhat:rhel_e4s:8.0::appstream", "cpe:/o:redhat:rhel_e4s:8.0"], "id": "REDHAT-RHSA-2020-2418.NASL", "href": "https://www.tenable.com/plugins/nessus/137236", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2418. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137236);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"RHSA\", value:\"2020:2418\");\n\n script_name(english:\"RHEL 8 : unbound (RHSA-2020:2418)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2418 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/406.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/835.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2418\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/1837597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1837604\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20, 400, 406, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.0::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-libs\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_e4s_8_0_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:2418');\n}\n\npkgs = [\n {'reference':'python3-unbound-1.7.3-9.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n 
{'reference':'python3-unbound-1.7.3-9.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'python3-unbound-1.7.3-9.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-1.7.3-9.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-1.7.3-9.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-1.7.3-9.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_0', 'cpu':'i686', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_0', 'cpu':'i686', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n 
{'reference':'unbound-devel-1.7.3-9.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_0', 'cpu':'i686', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if 
(contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-unbound / unbound / unbound-debugsource / unbound-devel / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-06T09:25:00", "description": "Two vulnerabilities have been discovered in Unbound, a recursive-only\ncaching DNS server; a traffic amplification attack against third-party\nauthoritative name servers (NXNSAttack) and insufficient sanitisation\nof replies from upstream servers could result in denial of service via\nan infinite loop.\n\nThe version of Unbound in the oldstable distribution (stretch) is no\nlonger supported. 
If these security issues affect your setup, you\nshould upgrade to the stable distribution (buster).", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-28T00:00:00", "title": "Debian DSA-4694-1 : unbound - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-05-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:unbound", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4694.NASL", "href": "https://www.tenable.com/plugins/nessus/136933", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4694. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136933);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"DSA\", value:\"4694\");\n\n script_name(english:\"Debian DSA-4694-1 : unbound - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two vulnerabiliites have been discovered in Unbound, a recursive-only\ncaching DNS server; a traffic amplification attack against third-party\nauthoritative name servers (NXNSAttack) and insufficient sanitisation\nof replies from upstream servers could result in denial of service via\nan infinite loop.\n\nThe version of Unbound in the oldstable distribution (stretch) is no\nlonger supported. 
If these security issues affect your setup, you\nshould upgrade to the stable distribution (buster).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/unbound\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/unbound\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4694\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the unbound packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1.9.0-2+deb10u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libunbound-dev\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libunbound8\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python-unbound\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python3-unbound\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"unbound\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"unbound-anchor\", reference:\"1.9.0-2+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"unbound-host\", reference:\"1.9.0-2+deb10u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-18T11:05:09", "description": "Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that\nUnbound incorrectly handled certain queries. A remote attacker could\nuse this issue to perform an amplification attack directed at a\ntarget. (CVE-2020-12662)\n\nIt was discovered that Unbound incorrectly handled certain malformed\nanswers. A remote attacker could possibly use this issue to cause\nUnbound to crash, resulting in a denial of service. 
(CVE-2020-12663).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-28T00:00:00", "title": "Ubuntu 18.04 LTS / 19.10 / 20.04 : Unbound vulnerabilities (USN-4374-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-05-28T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04", "p-cpe:/a:canonical:ubuntu_linux:libunbound2", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libunbound8", "cpe:/o:canonical:ubuntu_linux:19.10", "p-cpe:/a:canonical:ubuntu_linux:unbound"], "id": "UBUNTU_USN-4374-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136943", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4374-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136943);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"USN\", value:\"4374-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.10 / 20.04 : Unbound vulnerabilities (USN-4374-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that\nUnbound incorrectly handled certain queries. A remote attacker could\nuse this issue to perform an amplification attack directed at a\ntarget. (CVE-2020-12662)\n\nIt was discovered that Unbound incorrectly handled certain malformed\nanswers. A remote attacker could possibly use this issue to cause\nUnbound to crash, resulting in a denial of service. (CVE-2020-12663).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4374-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected libunbound2, libunbound8 and / or unbound\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libunbound2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libunbound8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.10|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.10 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libunbound2\", pkgver:\"1.6.7-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"unbound\", pkgver:\"1.6.7-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libunbound8\", pkgver:\"1.9.0-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"unbound\", pkgver:\"1.9.0-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"libunbound8\", pkgver:\"1.9.4-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"unbound\", pkgver:\"1.9.4-2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libunbound2 / libunbound8 / unbound\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:05:38", 
"description": "According to the versions of the unbound packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Unbound before 1.10.1 has Insufficient Control of\n Network Message Volume, aka an 'NXNSAttack' issue. This\n is triggered by random subdomains in the NSDNAME in NS\n records.(CVE-2020-12662)\n\n - Unbound before 1.10.1 has an infinite loop via\n malformed DNS answers received from upstream\n servers.(CVE-2020-12663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-30T00:00:00", "title": "EulerOS 2.0 SP8 : unbound (EulerOS-SA-2020-1830)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-07-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:unbound", "p-cpe:/a:huawei:euleros:unbound-libs", "p-cpe:/a:huawei:euleros:python3-unbound", "p-cpe:/a:huawei:euleros:python2-unbound", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1830.NASL", "href": "https://www.tenable.com/plugins/nessus/139160", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139160);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-12662\",\n \"CVE-2020-12663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : unbound (EulerOS-SA-2020-1830)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security 
updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the unbound packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Unbound before 1.10.1 has Insufficient Control of\n Network Message Volume, aka an 'NXNSAttack' issue. This\n is triggered by random subdomains in the NSDNAME in NS\n records.(CVE-2020-12662)\n\n - Unbound before 1.10.1 has an infinite loop via\n malformed DNS answers received from upstream\n servers.(CVE-2020-12663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1830\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e4f8cec\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected unbound packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:unbound\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:unbound-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python2-unbound-1.7.3-9.h3.eulerosv2r8\",\n \"python3-unbound-1.7.3-9.h3.eulerosv2r8\",\n \"unbound-1.7.3-9.h3.eulerosv2r8\",\n \"unbound-libs-1.7.3-9.h3.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if 
(rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"unbound\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-21T06:01:29", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2414 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-08T00:00:00", "title": "RHEL 7 : unbound (RHSA-2020:2414)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-06-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7::server", "p-cpe:/a:redhat:enterprise_linux:unbound-devel", "p-cpe:/a:redhat:enterprise_linux:unbound", "cpe:/o:redhat:enterprise_linux:7::computenode", "p-cpe:/a:redhat:enterprise_linux:unbound-libs", "p-cpe:/a:redhat:enterprise_linux:unbound-python", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client"], "id": "REDHAT-RHSA-2020-2414.NASL", "href": "https://www.tenable.com/plugins/nessus/137204", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2414. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137204);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"RHSA\", value:\"2020:2414\");\n\n script_name(english:\"RHEL 7 : unbound (RHSA-2020:2414)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2414 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/406.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/835.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2414\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/1837597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1837604\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20, 400, 406, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::computenode\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-python\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 
'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-debug-rpms',\n 'rhel-7-for-system-z-fastrack-debug-rpms',\n 'rhel-7-for-system-z-fastrack-rpms',\n 'rhel-7-for-system-z-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-rpms',\n 'rhel-7-for-system-z-optional-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-rpms',\n 'rhel-7-for-system-z-optional-source-rpms',\n 'rhel-7-for-system-z-rpms',\n 'rhel-7-for-system-z-source-rpms',\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-rpms',\n 
'rhel-rs-for-rhel-7-for-system-z-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:2414');\n}\n\npkgs = [\n {'reference':'unbound-1.6.6-4.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-1.6.6-4.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-devel-1.6.6-4.el7_8', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-devel-1.6.6-4.el7_8', 'cpu':'s390', 'release':'7', 
'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-devel-1.6.6-4.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-devel-1.6.6-4.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-libs-1.6.6-4.el7_8', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-libs-1.6.6-4.el7_8', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-libs-1.6.6-4.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-libs-1.6.6-4.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-python-1.6.6-4.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'unbound-python-1.6.6-4.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 
'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
'unbound / unbound-devel / unbound-libs / unbound-python');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-19T05:31:33", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2419 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-08T00:00:00", "title": "RHEL 8 : unbound (RHSA-2020:2419)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-06-08T00:00:00", "cpe": ["cpe:/o:redhat:rhel_eus:8.1", "cpe:/a:redhat:rhel_eus:8.1::appstream", "p-cpe:/a:redhat:enterprise_linux:unbound-debugsource", "p-cpe:/a:redhat:enterprise_linux:unbound-devel", "p-cpe:/a:redhat:enterprise_linux:unbound", "p-cpe:/a:redhat:enterprise_linux:unbound-libs", "cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:python3-unbound", "cpe:/a:redhat:rhel_e4s:8.1::appstream"], "id": "REDHAT-RHSA-2020-2419.NASL", "href": "https://www.tenable.com/plugins/nessus/137239", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2419. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137239);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"RHSA\", value:\"2020:2419\");\n\n script_name(english:\"RHEL 8 : unbound (RHSA-2020:2419)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2419 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/406.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/835.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2419\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/1837597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1837604\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20, 400, 406, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.1::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_eus:8.1::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-libs\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_e4s_8_1_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms'\n ],\n 'rhel_eus_8_1_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 
'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:2419');\n}\n\npkgs = [\n {'reference':'python3-unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'python3-unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'python3-unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-1.7.3-9.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n 
{'reference':'unbound-debugsource-1.7.3-9.el8_1', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-debugsource-1.7.3-9.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_1', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-devel-1.7.3-9.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_1', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 
'rhel_eus_8_1_appstream']},\n {'reference':'unbound-libs-1.7.3-9.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_eus_8_1_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-unbound / unbound / unbound-debugsource / unbound-devel / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-15T09:59:34", "description": "CVE-2020-12662\n\nUnbound before 1.10.1 has Insufficient Control of Network Message\nVolume, aka an 'NXNSAttack' issue. This is triggered by random\nsubdomains in the NSDNAME in NS records.\n\nCVE-2020-12663 Unbound before 1.10.1 has an infinite loop via\nmalformed DNS answers received from upstream servers.\n\nImpact\n\nThere are three types of DNS cache configurations available on the\nBIG-IP system: a transparent cache, a resolver cache, and a validating\nresolver cache. Only BIG-IP systems licensed for DNS services and\nusing the DNS Cache feature are vulnerable.\n\nNotes :\n\nThe DNS Cache feature is available only when you license the BIG-IP\nsystem for DNS Services, but you do NOT have to provision the BIG-IP GTM\nor BIG-IP DNS module on your BIG-IP system.\n\nStarting with BIG-IP 12.0.0, F5 renamed BIG-IP GTM to BIG-IP DNS.\n\nDNS Express does not use Unbound and is not vulnerable to either\nCVE-2020-12662 or CVE-2020-12663.\n\nCVE-2020-12662\n\nWhen the DNS Cache feature is enabled on the BIG-IP system, an\nattacker may exploit this vulnerability to generate a large number of\ncommunications between the BIG-IP system and the victim's\nauthoritative DNS server to cause a denial-of-service (DoS) attack.\n\nNote : For more information about NXNSAttack, refer to the NXNSAttack\nresearch paper.\n\nCVE-2020-12663\n\nA remote attacker may be able to perform a DoS attack on a DNS cache\nconfigured on the BIG-IP system by causing Unbound to become\nunresponsive.", "edition": 6, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-09T00:00:00", "title": "F5 Networks BIG-IP : Unbound DNS Cache vulnerabilities (K37661551)", "type": "nessus", 
"bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-07-09T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL37661551.NASL", "href": "https://www.tenable.com/plugins/nessus/138233", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K37661551.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138233);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/14\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n\n script_name(english:\"F5 Networks BIG-IP : Unbound DNS Cache vulnerabilities (K37661551)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"CVE-2020-12662\n\nUnbound before 1.10.1 has Insufficient Control of Network Message\nVolume, aka an 'NXNSAttack' issue. This is triggered by random\nsubdomains in the NSDNAME in NS records.\n\nCVE-2020-12663 Unbound before 1.10.1 has an infinite loop via\nmalformed DNS answers received from upstream servers.\n\nImpact\n\nThere are three types of DNS cache configurations available on the\nBIG-IP system: a transparent cache, a resolver cache, and a validating\nresolver cache. 
Only BIG-IP systems licensed for DNS services and\nusing the DNS Cache feature are vulnerable.\n\nNotes :\n\nThe DNS Cache feature is available only when you licensethe BIG-IP\nsystemfor DNS Services, but you do NOT have to provisionthe BIG-IP GTM\nor BIG-IP DNS moduleon your BIG-IP system.\n\nStarting with BIG-IP 12.0.0, F5 renamed BIG-IP GTM to BIG-IP DNS.\n\nDNS Express does not use Unbound and is not vulnerable to either\nCVE-2020-12662 or CVE-2020-12663.\n\nCVE-2020-12662\n\nWhen the DNS Cache feature is enabled on the BIG-IP system, an\nattacker may exploit this vulnerability to generate a large number of\ncommunications between the BIG-IP system and the victim's\nauthoritative DNS server to cause a denial-of-service (DoS) attack.\n\nNote : For more information about NXNSAttack, refer to the NXNSAttack\nresearch paper.\n\nCVE-2020-12663\n\nA remote attacker may be able to perform a DoS attack on a DNS cache\nconfigured on the BIG-IP system by causing Unbound to become\nunresponsive.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nxnsattack.com/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K37661551\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K37661551.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! 
get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K37661551\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.6.1-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"14.1.2.7\",\"13.1.3.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running the affected module GTM\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-11T02:09:24", "description": "NLNetLabs reports :\n\nThis release fixes CVE-2020-12662 and CVE-2020-12663.\n\nBug Fixes :\n\n- CVE-2020-12662 Unbound can be tricked into amplifying an incoming\nquery into a large number of queries directed to a target.\n\n- CVE-2020-12663 Malformed answers from upstream name servers can be\nused to make Unbound unresponsive.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-26T00:00:00", "title": "FreeBSD : unbound -- mutliple vulnerabilities (a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-05-26T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:unbound", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_A2CB7C319C7911EAA9C2D05099C0AE8C.NASL", "href": "https://www.tenable.com/plugins/nessus/136852", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this 
plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136852);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"FreeBSD\", value:\"SA-20:19.unbound\");\n\n script_name(english:\"FreeBSD : unbound -- mutliple vulnerabilities (a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"NLNetLabs reports :\n\nThis release fixes CVE-2020-12662 and CVE-2020-12663.\n\nBug Fixes :\n\n- CVE-2020-12662 Unbound can be tricked into amplifying an incoming\nquery into a large number of queries directed to a target.\n\n- CVE-2020-12663 Malformed answers from upstream name servers can be\nused to make Unbound unresponsive.\"\n );\n # https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-May/006833.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39e1a370\"\n );\n # https://vuxml.freebsd.org/freebsd/a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?419b6b8d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected 
package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"unbound<1.10.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-18T08:55:12", "description": "An update of the unbound package has been released.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-11T00:00:00", "title": "Photon OS 2.0: Unbound PHSA-2020-2.0-0246", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-06-11T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:unbound", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0246_UNBOUND.NASL", "href": "https://www.tenable.com/plugins/nessus/137329", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0246. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137329);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/17\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n\n script_name(english:\"Photon OS 2.0: Unbound PHSA-2020-2.0-0246\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the unbound package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-246.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"unbound-1.6.8-2.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"unbound-devel-1.6.8-2.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"unbound-docs-1.6.8-2.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"unbound\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-19T05:31:33", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2416 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received 
from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-08T00:00:00", "title": "RHEL 8 : unbound (RHSA-2020:2416)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "modified": "2020-06-08T00:00:00", "cpe": ["cpe:/o:redhat:rhel_tus:8.2", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:unbound-debugsource", "cpe:/o:redhat:rhel_eus:8.4", "p-cpe:/a:redhat:enterprise_linux:unbound-devel", "p-cpe:/a:redhat:enterprise_linux:unbound", "cpe:/a:redhat:rhel_eus:8.4::appstream", "p-cpe:/a:redhat:enterprise_linux:unbound-libs", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/a:redhat:rhel_tus:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:python3-unbound", "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/a:redhat:rhel_eus:8.2::appstream"], "id": "REDHAT-RHSA-2020-2416.NASL", "href": "https://www.tenable.com/plugins/nessus/137238", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2416. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137238);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-12662\", \"CVE-2020-12663\");\n script_xref(name:\"RHSA\", value:\"2020:2416\");\n\n script_name(english:\"RHEL 8 : unbound (RHSA-2020:2416)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2416 advisory.\n\n - unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)\n\n - unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/406.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/835.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2416\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/1837597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1837604\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20, 400, 406, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_aus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_eus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/a:redhat:rhel_eus:8.4::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_tus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:unbound-libs\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if 
(get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:2416');\n}\n\npkgs = [\n {'reference':'python3-unbound-1.7.3-11.el8_2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'python3-unbound-1.7.3-11.el8_2', 'cpu':'s390x', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'python3-unbound-1.7.3-11.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-1.7.3-11.el8_2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-1.7.3-11.el8_2', 'cpu':'s390x', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-1.7.3-11.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-debugsource-1.7.3-11.el8_2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-debugsource-1.7.3-11.el8_2', 'cpu':'i686', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-debugsource-1.7.3-11.el8_2', 'cpu':'s390x', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 
'rhel_eus_8_2_appstream']},\n {'reference':'unbound-debugsource-1.7.3-11.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-devel-1.7.3-11.el8_2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-devel-1.7.3-11.el8_2', 'cpu':'i686', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-devel-1.7.3-11.el8_2', 'cpu':'s390x', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-devel-1.7.3-11.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-libs-1.7.3-11.el8_2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-libs-1.7.3-11.el8_2', 'cpu':'i686', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-libs-1.7.3-11.el8_2', 'cpu':'s390x', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'unbound-libs-1.7.3-11.el8_2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = 
NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-unbound / unbound / unbound-debugsource / unbound-devel / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cloudfoundry": [{"lastseen": "2020-06-25T01:24:15", "bulletinFamily": "software", "cvelist": ["CVE-2020-12662", "CVE-2020-12663"], "description": "# \n\n## Severity\n\nMedium\n\n## 
Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nLior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. (CVE-2020-12662)\n\nIt was discovered that Unbound incorrectly handled certain malformed answers. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2020-12663)\n\nCVEs contained in this USN include: CVE-2020-12662, CVE-2020-12663.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * cflinuxfs3 \n * All versions prior to 0.188.0\n * CF Deployment \n * All versions prior to v13.5.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * cflinuxfs3 \n * Upgrade All versions to 0.188.0 or greater\n * CF Deployment \n * Upgrade All versions to v13.5.0 or greater\n\n## References\n\n * [USN Notice](<https://usn.ubuntu.com/4374-1/>)\n * [CVE-2020-12662](<https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12662>)\n * [CVE-2020-12663](<https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12663>)\n\n## History\n\n2020-05-27: Initial vulnerability report published.\n", "edition": 1, "modified": "2020-06-24T00:00:00", "published": "2020-06-24T00:00:00", "id": "CFOUNDRY:9100A814D32D09030B2A8287AFAFD828", "href": "https://www.cloudfoundry.org/blog/usn-4374-1/", "title": "USN-4374-1: Unbound vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2020-06-30T01:23:54", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18934", "CVE-2020-12662", "CVE-2020-12663"], "description": "This update for unbound fixes the following issues:\n\n - 
CVE-2020-12662: Fixed an issue where unbound could have been tricked\n into amplifying an incoming query into a large number of queries\n directed to a target (bsc#1171889).\n - CVE-2020-12663: Fixed an issue where malformed answers from upstream\n name servers could have been used to make unbound unresponsive\n (bsc#1171889).\n - CVE-2019-18934: Fixed a vulnerability in the IPSec module which could\n have allowed code execution after receiving a specially crafted answer\n (bsc#1157268).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n", "edition": 1, "modified": "2020-06-30T00:17:29", "published": "2020-06-30T00:17:29", "id": "OPENSUSE-SU-2020:0912-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html", "title": "Security update for unbound (important)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-30T01:23:54", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18934", "CVE-2020-12662", "CVE-2020-12663"], "description": "This update for unbound fixes the following issues:\n\n - CVE-2020-12662: Fixed an issue where unbound could have been tricked\n into amplifying an incoming query into a large number of queries\n directed to a target (bsc#1171889).\n - CVE-2020-12663: Fixed an issue where malformed answers from upstream\n name servers could have been used to make unbound unresponsive\n (bsc#1171889).\n - CVE-2019-18934: Fixed a vulnerability in the IPSec module which could\n have allowed code execution after receiving a specially crafted answer\n (bsc#1157268).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n", "edition": 1, "modified": "2020-06-30T00:15:53", "published": "2020-06-30T00:15:53", "id": "OPENSUSE-SU-2020:0913-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html", "title": "Security update for unbound (important)", "type": "suse", "cvss": {"score": 6.8, "vector": 
"AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}