Search...

Debian DSA-2008-1 : typo3-src - several vulnerabilities

2010-03-09T00:00:00

ID DEBIAN_DSA-2008.NASL
Type nessus
Reporter Tenable
Modified 2018-11-10T00:00:00

Description

Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2008. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(45008);
  script_version("1.7");
  script_cvs_date("Date: 2018/11/10 11:49:34");

  script_xref(name:"DSA", value:"2008");

  script_name(english:"Debian DSA-2008-1 : typo3-src - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework: Cross-site scripting vulnerabilities
have been discovered in both the frontend and the backend. Also, user
data could be leaked. More details can be found in the Typo3 security
advisory."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2010/dsa-2008"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the typo3-src package.

For the stable distribution (lenny), these problems have been fixed in
version 4.2.5-1+lenny3.

For the upcoming stable distribution (squeeze) and the unstable
distribution (sid), these problems have been fixed in version 4.3.2-1."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:typo3-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"typo3", reference:"4.2.5-1+lenny3")) flag++;
if (deb_check(release:"5.0", prefix:"typo3-src-4.2", reference:"4.2.5-1+lenny3")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DSA-2008.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "published": "2010-03-09T00:00:00", "modified": "2018-11-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "reporter": "Tenable", "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "https://www.debian.org/security/2010/dsa-2008", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "cvelist": [], "type": "nessus", "lastseen": "2018-11-11T12:59:08", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "edition": 1, "enchantments": {}, "hash": "7cd25b61f77c7c4d385adc5c960a4b953b15e407474e9a13ea40b2f78873a7a6", "hashmap": [{"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "f796fc42d2f31cacb127271b6ffa5d4b", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "id": "DEBIAN_DSA-2008.NASL", "lastseen": "2016-09-26T17:25:40", "modified": "2013-05-17T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.2", "pluginID": "45008", "published": "2010-03-09T00:00:00", "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:54:24 $\");\n\n script_osvdb_id(62553, 62554, 62555, 62556);\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:40"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:typo3-src", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "edition": 3, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "71b48291d5282b304ee84531f40a3b7f7c9a8d47830c6ef5e8bcd7e45b6ed396", "hashmap": [{"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "a03d359fb0b4e439f50091cee1f89df6", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "59d7cae33110e27013fc3d1ed9641897", "key": "cpe"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "e9b396bc0d6cc984264218c89d05f79c", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "id": "DEBIAN_DSA-2008.NASL", "lastseen": "2018-08-10T17:23:09", "modified": "2018-08-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "45008", "published": "2010-03-09T00:00:00", "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["sourceData"], "edition": 3, "lastseen": "2018-08-10T17:23:09"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:typo3-src", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "edition": 4, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "03b7f7bc70c954eaded8e0b7fcfca2378d2b28b97e5e780bbab0f58143134563", "hashmap": [{"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "be7a5bc12e6e5cd34822770c01dabcd2", "key": "sourceData"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "a03d359fb0b4e439f50091cee1f89df6", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "59d7cae33110e27013fc3d1ed9641897", "key": "cpe"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "id": "DEBIAN_DSA-2008.NASL", "lastseen": "2018-11-11T08:36:57", "modified": "2018-08-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "45008", "published": "2010-03-09T00:00:00", "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 4, "lastseen": "2018-11-11T08:36:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:typo3-src", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "edition": 2, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "d29545c3992d4ce0c8141dad7d75aaa010239417466ab28e2904f0979c7f862b", "hashmap": [{"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "59d7cae33110e27013fc3d1ed9641897", "key": "cpe"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "f796fc42d2f31cacb127271b6ffa5d4b", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "id": "DEBIAN_DSA-2008.NASL", "lastseen": "2017-10-29T13:42:00", "modified": "2013-05-17T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "45008", "published": "2010-03-09T00:00:00", "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:54:24 $\");\n\n script_osvdb_id(62553, 62554, 62555, 62556);\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:42:00"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "59d7cae33110e27013fc3d1ed9641897"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "407cd3fa222d8ff91f0d8d1fbebdbb41"}, {"key": "href", "hash": "36379b3d8f0b7301d78a61860825d375"}, {"key": "modified", "hash": "3c764d4cf584f9ded7aa4dcca57c78ff"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "b816130e1431fcf42ec895b272d975bd"}, {"key": "published", "hash": "668a78f14dc6e662fec0a67ac451bd78"}, {"key": "references", "hash": "fac600960fdd0791b84079291684cd76"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "be7a5bc12e6e5cd34822770c01dabcd2"}, {"key": "title", "hash": "69282fd6ae1442c4101b6fe4d2f122af"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "be94ad3c84c4f1ff4133a8178b247412ab95b7324e94d32fc5cfe3961bf88049", "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "45008", "cpe": ["p-cpe:/a:debian:debian_linux:typo3-src", "cpe:/o:debian:debian_linux:5.0"]}

{"nessus": [{"lastseen": "2018-11-13T16:57:44", "references": ["https://security-tracker.debian.org/tracker/CVE-2014-9035", "https://security-tracker.debian.org/tracker/CVE-2014-9033", "https://security-tracker.debian.org/tracker/CVE-2014-9037", "https://security-tracker.debian.org/tracker/CVE-2014-9036", "https://security-tracker.debian.org/tracker/CVE-2014-9031", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770425", "https://packages.debian.org/source/wheezy/wordpress", "https://security-tracker.debian.org/tracker/CVE-2014-9034", "https://www.debian.org/security/2014/dsa-3085", "https://security-tracker.debian.org/tracker/CVE-2014-9038", "https://security-tracker.debian.org/tracker/CVE-2014-9039"], "pluginID": "79696", "description": "Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at\n\n - CVE-2014-9031 Jouko Pynnonen discovered an unauthenticated cross site scripting vulnerability (XSS) in wptexturize(), exploitable via comments or posts.\n\n - CVE-2014-9033 Cross site request forgery (CSRF) vulnerability in the password changing process, which could be used by an attacker to trick an user into changing her password.\n\n - CVE-2014-9034 Javier Nieto Arevalo and Andres Rojas Guerrero reported a potential denial of service in the way the phpass library is used to handle passwords, since no maximum password length was set.\n\n - CVE-2014-9035 John Blackbourn reported an XSS in the 'Press This' function (used for quick publishing using a browser 'bookmarklet').\n\n - CVE-2014-9036 Robert Chapin reported an XSS in the HTML filtering of CSS in posts.\n\n - CVE-2014-9037 David Anderson reported a hash comparison vulnerability for passwords stored using the old-style MD5 scheme.\n While unlikely, this could be exploited to compromise an account, if the user had not logged in after a Wordpress 2.5 update (uploaded to Debian on 2 Apr, 2008) and the password MD5 hash could be collided with due to PHP dynamic comparison.\n\n - CVE-2014-9038 Ben Bidner reported a server side request forgery (SSRF) in the core HTTP layer which unsufficiently blocked the loopback IP address space.\n\n - CVE-2014-9039 Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a vulnerability in the password reset process: an email address change would not invalidate a previous password reset email.", "edition": 6, "reporter": "Tenable", "published": "2014-12-04T00:00:00", "title": "Debian DSA-3085-1 : wordpress - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9031", "CVE-2014-9039", "CVE-2014-9035", "CVE-2014-9033", "CVE-2014-9036", "CVE-2014-9037", "CVE-2014-9034", "CVE-2014-9038"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3085.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79696", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3085. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79696);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2014-9031\", \"CVE-2014-9033\", \"CVE-2014-9034\", \"CVE-2014-9035\", \"CVE-2014-9036\", \"CVE-2014-9037\", \"CVE-2014-9038\", \"CVE-2014-9039\");\n script_bugtraq_id(71231, 71232, 71233, 71234, 71236, 71237, 71238);\n script_xref(name:\"DSA\", value:\"3085\");\n\n script_name(english:\"Debian DSA-3085-1 : wordpress - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure. More information can be found in the upstream advisory at\n\n - CVE-2014-9031\n Jouko Pynnonen discovered an unauthenticated cross site\n scripting vulnerability (XSS) in wptexturize(),\n exploitable via comments or posts.\n\n - CVE-2014-9033\n Cross site request forgery (CSRF) vulnerability in the\n password changing process, which could be used by an\n attacker to trick an user into changing her password.\n\n - CVE-2014-9034\n Javier Nieto Arevalo and Andres Rojas Guerrero reported\n a potential denial of service in the way the phpass\n library is used to handle passwords, since no maximum\n password length was set.\n\n - CVE-2014-9035\n John Blackbourn reported an XSS in the 'Press This'\n function (used for quick publishing using a browser\n 'bookmarklet').\n\n - CVE-2014-9036\n Robert Chapin reported an XSS in the HTML filtering of\n CSS in posts.\n\n - CVE-2014-9037\n David Anderson reported a hash comparison vulnerability\n for passwords stored using the old-style MD5 scheme.\n While unlikely, this could be exploited to compromise an\n account, if the user had not logged in after a Wordpress\n 2.5 update (uploaded to Debian on 2 Apr, 2008) and the\n password MD5 hash could be collided with due to PHP\n dynamic comparison.\n\n - CVE-2014-9038\n Ben Bidner reported a server side request forgery (SSRF)\n in the core HTTP layer which unsufficiently blocked the\n loopback IP address space.\n\n - CVE-2014-9039\n Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a\n vulnerability in the password reset process: an email\n address change would not invalidate a previous password\n reset email.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3085\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.6.1+dfsg-1~deb7u5.\n\nFor the upcoming stable distribution (jessie), these problems have\nbeen fixed in version 4.0.1+dfsg-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:56:39", "references": ["https://www.debian.org/security/2011/dsa-2207", "http://tomcat.apache.org/security-5.html"], "pluginID": "53212", "description": "Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal. Further details on the individual security issues can be found on the Apache Tomcat 5 vulnerabilities page.", "edition": 9, "reporter": "Tenable", "published": "2011-03-30T00:00:00", "title": "Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0033", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783", "CVE-2009-2902"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:tomcat5.5"], "id": "DEBIAN_DSA-2207.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53212", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2207. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53212);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_bugtraq_id(35193, 35196, 35263, 35416, 37944, 37945, 39635, 41544);\n script_xref(name:\"DSA\", value:\"2207\");\n\n script_name(english:\"Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been discovered in the Tomcat Servlet and\nJSP engine, resulting in denial of service, cross-site scripting,\ninformation disclosure and WAR file traversal. Further details on the\nindividual security issues can be found on the Apache Tomcat 5\nvulnerabilities page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2207\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat5.5 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.5.26-5lenny2.\n\nThe stable distribution (squeeze) no longer contains tomcat5.5.\ntomcat6 is already fixed.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tomcat5.5\", reference:\"5.5.26-5lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:45:10", "references": ["https://security-tracker.debian.org/tracker/CVE-2010-4562", "https://security-tracker.debian.org/tracker/CVE-2010-3867", "https://security-tracker.debian.org/tracker/CVE-2008-7265", "https://www.debian.org/security/2011/dsa-2191"], "pluginID": "52660", "description": "Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon :\n\n - CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption.\n\n - CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module.\n\n - CVE-2010-4562 A SQL injection vulnerability was discovered in the mod_sql module.", "edition": 7, "reporter": "Tenable", "published": "2011-03-15T00:00:00", "title": "Debian DSA-2191-1 : proftpd-dfsg - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7265", "CVE-2010-4652", "CVE-2010-3867"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:proftpd-dfsg", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2191.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52660", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2191. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52660);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-7265\", \"CVE-2010-3867\", \"CVE-2010-4652\");\n script_bugtraq_id(44562, 44933);\n script_xref(name:\"DSA\", value:\"2191\");\n\n script_name(english:\"Debian DSA-2191-1 : proftpd-dfsg - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in ProFTPD, a versatile,\nvirtual-hosting FTP daemon :\n\n - CVE-2008-7265\n Incorrect handling of the ABOR command could lead to\n denial of service through elevated CPU consumption.\n\n - CVE-2010-3867\n Several directory traversal vulnerabilities have been\n discovered in the mod_site_misc module.\n\n - CVE-2010-4562\n A SQL injection vulnerability was discovered in the\n mod_sql module.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2191\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the proftpd-dfsg packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.1-17lenny6.\n\nThe stable distribution (squeeze) and the unstable distribution (sid)\nare not affected, these vulnerabilities have been fixed prior to the\nrelease of Debian 6.0 (squeeze).\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:proftpd-dfsg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"proftpd-dfsg\", reference:\"1.3.1-17lenny6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T13:04:50", "references": ["https://www.debian.org/security/2011/dsa-2176", "https://security-tracker.debian.org/tracker/CVE-2010-1748", "https://security-tracker.debian.org/tracker/CVE-2010-2432", "https://security-tracker.debian.org/tracker/CVE-2010-0540", "https://security-tracker.debian.org/tracker/CVE-2008-5183", "https://security-tracker.debian.org/tracker/CVE-2010-2431", "https://security-tracker.debian.org/tracker/CVE-2009-3553", "https://security-tracker.debian.org/tracker/CVE-2010-2941", "https://security-tracker.debian.org/tracker/CVE-2010-0542"], "pluginID": "52484", "description": "Several vulnerabilities have been discovered in the Common UNIX Printing System :\n\n - CVE-2008-5183 A NULL pointer dereference in RSS job completion notifications could lead to denial of service.\n\n - CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service.\n\n - CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface.\n\n - CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service.\n\n - CVE-2010-1748 Information disclosure in the web interface.\n\n - CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files.\n\n - CVE-2010-2432 Denial of service in the authentication code.\n\n - CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code.", "edition": 7, "reporter": "Tenable", "published": "2011-03-02T00:00:00", "title": "Debian DSA-2176-1 : cups - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2941", "CVE-2010-2432", "CVE-2008-5183", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553", "CVE-2010-2431"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:cups", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2176.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52484", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2176. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52484);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-5183\", \"CVE-2009-3553\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2010-2941\");\n script_bugtraq_id(32419, 37048, 40889, 40897, 40943, 41126, 41131, 44530);\n script_xref(name:\"DSA\", value:\"2176\");\n\n script_name(english:\"Debian DSA-2176-1 : cups - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Common UNIX\nPrinting System :\n\n - CVE-2008-5183\n A NULL pointer dereference in RSS job completion\n notifications could lead to denial of service.\n\n - CVE-2009-3553\n It was discovered that incorrect file descriptor\n handling could lead to denial of service.\n\n - CVE-2010-0540\n A cross-site request forgery vulnerability was\n discovered in the web interface.\n\n - CVE-2010-0542\n Incorrect memory management in the filter subsystem\n could lead to denial of service.\n\n - CVE-2010-1748\n Information disclosure in the web interface.\n\n - CVE-2010-2431\n Emmanuel Bouillon discovered a symlink vulnerability in\n handling of cache files.\n\n - CVE-2010-2432\n Denial of service in the authentication code.\n\n - CVE-2010-2941\n Incorrect memory management in the IPP code could lead\n to denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2176\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cups packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny9.\n\nThe stable distribution (squeeze) and the unstable distribution (sid)\nhad already been fixed prior to the initial Squeeze release.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"cups\", reference:\"1.3.8-1+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T12:57:37", "references": ["https://www.debian.org/security/2010/dsa-2080"], "pluginID": "48223", "description": "Several security issues have been discovered in Ghostscript, a GPL PostScript/PDF interpreter, which might lead to the execution of arbitrary code if a user processes a malformed PDF or Postscript file.", "edition": 8, "reporter": "Tenable", "published": "2010-08-03T00:00:00", "title": "Debian DSA-2080-1 : ghostscript - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0196", "CVE-2009-4270", "CVE-2009-0792", "CVE-2008-3522", "CVE-2007-6725", "CVE-2008-6679", "CVE-2010-1869"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ghostscript", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2080.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=48223", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2080. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(48223);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-3522\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-4270\", \"CVE-2010-1869\");\n script_bugtraq_id(31470, 34184, 34337, 34340, 34445, 37410, 40103);\n script_xref(name:\"DSA\", value:\"2080\");\n\n script_name(english:\"Debian DSA-2080-1 : ghostscript - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues have been discovered in Ghostscript, a GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2080\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ghostscript packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-doc\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-x\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-aladdin\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-common\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-esp\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-gpl\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs-dev\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs8\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T12:39:15", "references": ["https://www.debian.org/security/2010/dsa-2058", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583908", "https://security-tracker.debian.org/tracker/CVE-2010-0830", "https://security-tracker.debian.org/tracker/CVE-2009-4881", "https://security-tracker.debian.org/tracker/CVE-2009-4880", "https://security-tracker.debian.org/tracker/CVE-2008-1391", "https://security-tracker.debian.org/tracker/CVE-2010-0296"], "pluginID": "46861", "description": "Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-1391, CVE-2009-4880, CVE-2009-4881 Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon family of functions. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service.\n\n - CVE-2010-0296 Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges.\n\n - CVE-2010-0830 Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.", "edition": 7, "reporter": "Tenable", "published": "2010-06-11T00:00:00", "title": "Debian DSA-2058-1 : glibc, eglibc - multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4881", "CVE-2010-0296", "CVE-2010-0830", "CVE-2009-4880", "CVE-2008-1391"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:eglibc", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:glibc"], "id": "DEBIAN_DSA-2058.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46861", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2058. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46861);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-1391\", \"CVE-2009-4880\", \"CVE-2009-4881\", \"CVE-2010-0296\", \"CVE-2010-0830\");\n script_bugtraq_id(36443, 40063);\n script_xref(name:\"DSA\", value:\"2058\");\n\n script_name(english:\"Debian DSA-2058-1 : glibc, eglibc - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the GNU C Library (aka\nglibc) and its derivatives. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2008-1391, CVE-2009-4880, CVE-2009-4881\n Maksymilian Arciemowicz discovered that the GNU C\n library did not correctly handle integer overflows in\n the strfmon family of functions. If a user or automated\n system were tricked into processing a specially crafted\n format string, a remote attacker could crash\n applications, leading to a denial of service.\n\n - CVE-2010-0296\n Jeff Layton and Dan Rosenberg discovered that the GNU C\n library did not correctly handle newlines in the mntent\n family of functions. If a local attacker were able to\n inject newlines into a mount entry through other\n vulnerable mount helpers, they could disrupt the system\n or possibly gain root privileges.\n\n - CVE-2010-0830\n Dan Rosenberg discovered that the GNU C library did not\n correctly validate certain ELF program headers. If a\n user or automated system were tricked into verifying a\n specially crafted ELF program, a remote attacker could\n execute arbitrary code with user privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2058\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the glibc or eglibc packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.7-18lenny4 of the glibc package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"glibc-doc\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"glibc-source\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-amd64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dbg\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-amd64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-i386\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-mips64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-mipsn32\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-ppc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-s390x\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-sparc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-i386\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-i686\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-mips64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-mipsn32\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-pic\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-ppc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-prof\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-s390x\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-sparc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-sparcv9b\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-xen\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-alphaev67\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-dbg\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-dev\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-pic\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-prof\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"locales\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"locales-all\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"nscd\", reference:\"2.7-18lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:46:06", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7252", "https://security-tracker.debian.org/tracker/CVE-2008-7251", "https://www.debian.org/security/2010/dsa-2034", "https://security-tracker.debian.org/tracker/CVE-2009-4605"], "pluginID": "45556", "description": "Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-7251 phpMyAdmin may create a temporary directory, if the configured directory does not exist yet, with insecure filesystem permissions.\n\n - CVE-2008-7252 phpMyAdmin uses predictable filenames for temporary files, which may lead to a local denial of service attack or privilege escalation.\n\n - CVE-2009-4605 The setup.php script shipped with phpMyAdmin may unserialize untrusted data, allowing for cross site request forgery.", "edition": 7, "reporter": "Tenable", "published": "2010-04-19T00:00:00", "title": "Debian DSA-2034-1 : phpmyadmin - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7252", "CVE-2009-4605", "CVE-2008-7251"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:phpmyadmin", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2034.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45556", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2034. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45556);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-7251\", \"CVE-2008-7252\", \"CVE-2009-4605\");\n script_bugtraq_id(37826);\n script_xref(name:\"DSA\", value:\"2034\");\n\n script_name(english:\"Debian DSA-2034-1 : phpmyadmin - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in phpMyAdmin, a tool to\nadminister MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2008-7251\n phpMyAdmin may create a temporary directory, if the\n configured directory does not exist yet, with insecure\n filesystem permissions.\n\n - CVE-2008-7252\n phpMyAdmin uses predictable filenames for temporary\n files, which may lead to a local denial of service\n attack or privilege escalation.\n\n - CVE-2009-4605\n The setup.php script shipped with phpMyAdmin may\n unserialize untrusted data, allowing for cross site\n request forgery.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2034\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion phpmyadmin 2.11.8.1-5+lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"phpmyadmin\", reference:\"2.11.8.1-5+lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T12:51:44", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528543", "https://www.debian.org/security/2010/dsa-2036", "https://security-tracker.debian.org/tracker/CVE-2008-3521"], "pluginID": "45558", "description": "It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption.\n\nBesides addressing this vulnerability, this updates also addresses a regression introduced in the security fix for CVE-2008-3521, applied before Debian Lenny's release, that could cause errors when reading some JPEG input files.", "edition": 7, "reporter": "Tenable", "published": "2010-04-19T00:00:00", "title": "Debian DSA-2036-1 : jasper - programming error", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2721"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:jasper"], "id": "DEBIAN_DSA-2036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45558", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2036. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45558);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2007-2721\");\n script_xref(name:\"DSA\", value:\"2036\");\n\n script_name(english:\"Debian DSA-2036-1 : jasper - programming error\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the JasPer JPEG-2000 runtime library allowed an\nattacker to create a crafted input file that could lead to denial of\nservice and heap corruption.\n\nBesides addressing this vulnerability, this updates also addresses a\nregression introduced in the security fix for CVE-2008-3521, applied\nbefore Debian Lenny's release, that could cause errors when reading\nsome JPEG input files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2036\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jasper package.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.900.1-5.1+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libjasper-dev\", reference:\"1.900.1-5.1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libjasper-runtime\", reference:\"1.900.1-5.1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libjasper1\", reference:\"1.900.1-5.1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:56:26", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469", "https://www.debian.org/security/2010/dsa-2029"], "pluginID": "45428", "description": "It was discovered that imlib2, a library to load and process several image formats, did not properly process various image file types.\n\nSeveral heap and stack based buffer overflows - partly due to integer overflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can lead to the execution of arbitrary code via crafted image files.", "edition": 6, "reporter": "Tenable", "published": "2010-04-06T00:00:00", "title": "Debian DSA-2029-1 : imlib2 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6079"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:imlib2", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2029.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45428", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2029. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45428);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-6079\");\n script_xref(name:\"DSA\", value:\"2029\");\n\n script_name(english:\"Debian DSA-2029-1 : imlib2 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that imlib2, a library to load and process several\nimage formats, did not properly process various image file types.\n\nSeveral heap and stack based buffer overflows - partly due to integer\noverflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can\nlead to the execution of arbitrary code via crafted image files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2029\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (lenny), this problem has been fixed in\nversion 1.4.0-1.2+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imlib2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libimlib2\", reference:\"1.4.0-1.2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libimlib2-dev\", reference:\"1.4.0-1.2+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T13:00:20", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529810", "https://security-tracker.debian.org/tracker/CVE-2009-1669", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504328", "https://security-tracker.debian.org/tracker/CVE-2008-4810", "https://www.debian.org/security/2009/dsa-1919"], "pluginID": "44784", "description": "Several remote vulnerabilities have been discovered in Smarty, a PHP templating engine. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4810 The _expand_quoted_text function allows for certain restrictions in templates, like function calling and PHP execution, to be bypassed.\n\n - CVE-2009-1669 The smarty_function_math function allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function.", "edition": 8, "reporter": "Tenable", "published": "2010-02-24T00:00:00", "title": "Debian DSA-1919-1 : smarty - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4810", "CVE-2009-1669"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:smarty"], "id": "DEBIAN_DSA-1919.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44784", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1919. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44784);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2008-4810\", \"CVE-2009-1669\");\n script_bugtraq_id(31862, 34918);\n script_xref(name:\"DSA\", value:\"1919\");\n\n script_name(english:\"Debian DSA-1919-1 : smarty - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in Smarty, a PHP\ntemplating engine. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-4810\n The _expand_quoted_text function allows for certain\n restrictions in templates, like function calling and PHP\n execution, to be bypassed.\n\n - CVE-2009-1669\n The smarty_function_math function allows\n context-dependent attackers to execute arbitrary\n commands via shell metacharacters in the equation\n attribute of the math function.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1919\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the smarty package.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 2.6.14-1etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.20-1.2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:smarty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"smarty\", reference:\"2.6.14-1etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"smarty\", reference:\"2.6.20-1.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}