Search...

Debian DSA-2008-1 : typo3-src - several vulnerabilities

2010-03-09T00:00:00

ID DEBIAN_DSA-2008.NASL
Type nessus
Reporter Tenable
Modified 2013-05-17T00:00:00

Description

Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2008. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(45008);
  script_version("$Revision: 1.5 $");
  script_cvs_date("$Date: 2013/05/17 23:54:24 $");

  script_osvdb_id(62553, 62554, 62555, 62556);
  script_xref(name:"DSA", value:"2008");

  script_name(english:"Debian DSA-2008-1 : typo3-src - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework: Cross-site scripting vulnerabilities
have been discovered in both the frontend and the backend. Also, user
data could be leaked. More details can be found in the Typo3 security
advisory."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2010/dsa-2008"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the typo3-src package.

For the stable distribution (lenny), these problems have been fixed in
version 4.2.5-1+lenny3.

For the upcoming stable distribution (squeeze) and the unstable
distribution (sid), these problems have been fixed in version 4.3.2-1."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:typo3-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"typo3", reference:"4.2.5-1+lenny3")) flag++;
if (deb_check(release:"5.0", prefix:"typo3-src-4.2", reference:"4.2.5-1+lenny3")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"published": "2010-03-09T00:00:00", "id": "DEBIAN_DSA-2008.NASL", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:40", "bulletin": {"enchantments": {}, "published": "2010-03-09T00:00:00", "id": "DEBIAN_DSA-2008.NASL", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "cpe": [], "hash": "7cd25b61f77c7c4d385adc5c960a4b953b15e407474e9a13ea40b2f78873a7a6", "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "type": "nessus", "pluginID": "45008", "lastseen": "2016-09-26T17:25:40", "edition": 1, "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "modified": "2013-05-17T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": [], "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "naslFamily": "Debian Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:54:24 $\");\n\n script_osvdb_id(62553, 62554, 62555, 62556);\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "f796fc42d2f31cacb127271b6ffa5d4b", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}], "objectVersion": "1.2"}}], "description": "Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.", "hash": "d29545c3992d4ce0c8141dad7d75aaa010239417466ab28e2904f0979c7f862b", "enchantments": {"vulnersScore": 4.3}, "type": "nessus", "pluginID": "45008", "lastseen": "2017-10-29T13:42:00", "edition": 2, "cpe": ["p-cpe:/a:debian:debian_linux:typo3-src", "cpe:/o:debian:debian_linux:5.0"], "title": "Debian DSA-2008-1 : typo3-src - several vulnerabilities", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45008", "modified": "2013-05-17T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": [], "references": ["http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/", "http://www.debian.org/security/2010/dsa-2008", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151"], "naslFamily": "Debian Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45008);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:54:24 $\");\n\n script_osvdb_id(62553, 62554, 62555, 62556);\n script_xref(name:\"DSA\", value:\"2008\");\n\n script_name(english:\"Debian DSA-2008-1 : typo3-src - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the TYPO3 web\ncontent management framework: Cross-site scripting vulnerabilities\nhave been discovered in both the frontend and the backend. Also, user\ndata could be leaked. More details can be found in the Typo3 security\nadvisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the typo3-src package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.2.5-1+lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 4.3.2-1.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:typo3-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"typo3\", reference:\"4.2.5-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"typo3-src-4.2\", reference:\"4.2.5-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "59d7cae33110e27013fc3d1ed9641897", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "407cd3fa222d8ff91f0d8d1fbebdbb41", "key": "description"}, {"hash": "36379b3d8f0b7301d78a61860825d375", "key": "href"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "b816130e1431fcf42ec895b272d975bd", "key": "pluginID"}, {"hash": "668a78f14dc6e662fec0a67ac451bd78", "key": "published"}, {"hash": "d4b24d71ad02b4c4e82b4c7f1f598b05", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f796fc42d2f31cacb127271b6ffa5d4b", "key": "sourceData"}, {"hash": "69282fd6ae1442c4101b6fe4d2f122af", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}

{"result": {"nessus": [{"lastseen": "2017-10-29T13:39:54", "references": ["https://security-tracker.debian.org/tracker/CVE-2014-9035", "https://security-tracker.debian.org/tracker/CVE-2014-9033", "https://security-tracker.debian.org/tracker/CVE-2014-9037", "https://security-tracker.debian.org/tracker/CVE-2014-9036", "https://security-tracker.debian.org/tracker/CVE-2014-9031", "https://packages.debian.org/source/wheezy/wordpress", "https://security-tracker.debian.org/tracker/CVE-2014-9034", "http://www.debian.org/security/2014/dsa-3085", "https://security-tracker.debian.org/tracker/CVE-2014-9038", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770425", "https://security-tracker.debian.org/tracker/CVE-2014-9039"], "pluginID": "79696", "description": "Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at\n\n - CVE-2014-9031 Jouko Pynnonen discovered an unauthenticated cross site scripting vulnerability (XSS) in wptexturize(), exploitable via comments or posts.\n\n - CVE-2014-9033 Cross site request forgery (CSRF) vulnerability in the password changing process, which could be used by an attacker to trick an user into changing her password.\n\n - CVE-2014-9034 Javier Nieto Arevalo and Andres Rojas Guerrero reported a potential denial of service in the way the phpass library is used to handle passwords, since no maximum password length was set.\n\n - CVE-2014-9035 John Blackbourn reported an XSS in the 'Press This' function (used for quick publishing using a browser 'bookmarklet').\n\n - CVE-2014-9036 Robert Chapin reported an XSS in the HTML filtering of CSS in posts.\n\n - CVE-2014-9037 David Anderson reported a hash comparison vulnerability for passwords stored using the old-style MD5 scheme.\n While unlikely, this could be exploited to compromise an account, if the user had not logged in after a Wordpress 2.5 update (uploaded to Debian on 2 Apr, 2008) and the password MD5 hash could be collided with due to PHP dynamic comparison.\n\n - CVE-2014-9038 Ben Bidner reported a server side request forgery (SSRF) in the core HTTP layer which unsufficiently blocked the loopback IP address space.\n\n - CVE-2014-9039 Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a vulnerability in the password reset process: an email address change would not invalidate a previous password reset email.", "edition": 2, "reporter": "Tenable", "published": "2014-12-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "nessus", "title": "Debian DSA-3085-1 : wordpress - security update", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9031", "CVE-2014-9039", "CVE-2014-9035", "CVE-2014-9033", "CVE-2014-9036", "CVE-2014-9037", "CVE-2014-9034", "CVE-2014-9038"], "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:7.0"], "modified": "2016-04-28T00:00:00", "id": "DEBIAN_DSA-3085.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79696", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3085. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79696);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/04/28 18:23:48 $\");\n\n script_cve_id(\"CVE-2014-9031\", \"CVE-2014-9033\", \"CVE-2014-9034\", \"CVE-2014-9035\", \"CVE-2014-9036\", \"CVE-2014-9037\", \"CVE-2014-9038\", \"CVE-2014-9039\");\n script_bugtraq_id(71231, 71232, 71233, 71234, 71236, 71237, 71238);\n script_osvdb_id(114861);\n script_xref(name:\"DSA\", value:\"3085\");\n\n script_name(english:\"Debian DSA-3085-1 : wordpress - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in Wordpress, a web\nblogging tool, resulting in denial of service or information\ndisclosure. More information can be found in the upstream advisory at\n\n - CVE-2014-9031\n Jouko Pynnonen discovered an unauthenticated cross site\n scripting vulnerability (XSS) in wptexturize(),\n exploitable via comments or posts.\n\n - CVE-2014-9033\n Cross site request forgery (CSRF) vulnerability in the\n password changing process, which could be used by an\n attacker to trick an user into changing her password.\n\n - CVE-2014-9034\n Javier Nieto Arevalo and Andres Rojas Guerrero reported\n a potential denial of service in the way the phpass\n library is used to handle passwords, since no maximum\n password length was set.\n\n - CVE-2014-9035\n John Blackbourn reported an XSS in the 'Press This'\n function (used for quick publishing using a browser\n 'bookmarklet').\n\n - CVE-2014-9036\n Robert Chapin reported an XSS in the HTML filtering of\n CSS in posts.\n\n - CVE-2014-9037\n David Anderson reported a hash comparison vulnerability\n for passwords stored using the old-style MD5 scheme.\n While unlikely, this could be exploited to compromise an\n account, if the user had not logged in after a Wordpress\n 2.5 update (uploaded to Debian on 2 Apr, 2008) and the\n password MD5 hash could be collided with due to PHP\n dynamic comparison.\n\n - CVE-2014-9038\n Ben Bidner reported a server side request forgery (SSRF)\n in the core HTTP layer which unsufficiently blocked the\n loopback IP address space.\n\n - CVE-2014-9039\n Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a\n vulnerability in the password reset process: an email\n address change would not invalidate a previous password\n reset email.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2014/dsa-3085\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.6.1+dfsg-1~deb7u5.\n\nFor the upcoming stable distribution (jessie), these problems have\nbeen fixed in version 4.0.1+dfsg-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-29T13:40:59", "references": ["http://www.debian.org/security/2011/dsa-2207", "http://tomcat.apache.org/security-5.html"], "pluginID": "53212", "description": "Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal. Further details on the individual security issues can be found on the Apache Tomcat 5 vulnerabilities page.", "edition": 4, "reporter": "Tenable", "published": "2011-03-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "nessus", "title": "Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0033", "CVE-2009-2693", "CVE-2009-0580", "CVE-2009-0781", "CVE-2008-5515", "CVE-2010-1157", "CVE-2010-2227", "CVE-2009-0783", "CVE-2009-2902"], "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:tomcat5.5"], "modified": "2016-12-06T00:00:00", "id": "DEBIAN_DSA-2207.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53212", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2207. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53212);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/06 20:25:07 $\");\n\n script_cve_id(\"CVE-2008-5515\", \"CVE-2009-0033\", \"CVE-2009-0580\", \"CVE-2009-0781\", \"CVE-2009-0783\", \"CVE-2009-2693\", \"CVE-2009-2902\", \"CVE-2010-1157\", \"CVE-2010-2227\");\n script_bugtraq_id(35193, 35196, 35263, 35416, 37944, 37945, 39635, 41544);\n script_osvdb_id(52899, 55053, 55054, 55055, 55056, 62052, 62054, 64023, 66319);\n script_xref(name:\"DSA\", value:\"2207\");\n\n script_name(english:\"Debian DSA-2207-1 : tomcat5.5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been discovered in the Tomcat Servlet and\nJSP engine, resulting in denial of service, cross-site scripting,\ninformation disclosure and WAR file traversal. Further details on the\nindividual security issues can be found on the Apache Tomcat 5\nvulnerabilities page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2011/dsa-2207\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tomcat5.5 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.5.26-5lenny2.\n\nThe stable distribution (squeeze) no longer contains tomcat5.5.\ntomcat6 is already fixed.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tomcat5.5\", reference:\"5.5.26-5lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-29T13:35:59", "references": ["https://security-tracker.debian.org/tracker/CVE-2010-4562", "https://security-tracker.debian.org/tracker/CVE-2010-3867", "http://www.debian.org/security/2011/dsa-2191", "https://security-tracker.debian.org/tracker/CVE-2008-7265"], "pluginID": "52660", "edition": 2, "description": "Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon :\n\n - CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption.\n\n - CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module.\n\n - CVE-2010-4562 A SQL injection vulnerability was discovered in the mod_sql module.", "reporter": "Tenable", "published": "2011-03-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Debian DSA-2191-1 : proftpd-dfsg - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7265", "CVE-2010-4652", "CVE-2010-3867"], "cpe": ["p-cpe:/a:debian:debian_linux:proftpd-dfsg", "cpe:/o:debian:debian_linux:5.0"], "modified": "2016-05-05T00:00:00", "id": "DEBIAN_DSA-2191.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52660", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2191. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52660);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2016/05/05 14:58:41 $\");\n\n script_cve_id(\"CVE-2008-7265\", \"CVE-2010-3867\", \"CVE-2010-4652\");\n script_bugtraq_id(44562, 44933);\n script_osvdb_id(68988, 69200, 70782);\n script_xref(name:\"DSA\", value:\"2191\");\n\n script_name(english:\"Debian DSA-2191-1 : proftpd-dfsg - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in ProFTPD, a versatile,\nvirtual-hosting FTP daemon :\n\n - CVE-2008-7265\n Incorrect handling of the ABOR command could lead to\n denial of service through elevated CPU consumption.\n\n - CVE-2010-3867\n Several directory traversal vulnerabilities have been\n discovered in the mod_site_misc module.\n\n - CVE-2010-4562\n A SQL injection vulnerability was discovered in the\n mod_sql module.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2011/dsa-2191\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the proftpd-dfsg packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.1-17lenny6.\n\nThe stable distribution (squeeze) and the unstable distribution (sid)\nare not affected, these vulnerabilities have been fixed prior to the\nrelease of Debian 6.0 (squeeze).\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:proftpd-dfsg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"proftpd-dfsg\", reference:\"1.3.1-17lenny6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:44:22", "references": ["https://security-tracker.debian.org/tracker/CVE-2010-1748", "https://security-tracker.debian.org/tracker/CVE-2010-2432", "https://security-tracker.debian.org/tracker/CVE-2010-0540", "https://security-tracker.debian.org/tracker/CVE-2008-5183", "https://security-tracker.debian.org/tracker/CVE-2010-2431", "https://security-tracker.debian.org/tracker/CVE-2009-3553", "https://security-tracker.debian.org/tracker/CVE-2010-2941", "http://www.debian.org/security/2011/dsa-2176", "https://security-tracker.debian.org/tracker/CVE-2010-0542"], "pluginID": "52484", "edition": 2, "description": "Several vulnerabilities have been discovered in the Common UNIX Printing System :\n\n - CVE-2008-5183 A NULL pointer dereference in RSS job completion notifications could lead to denial of service.\n\n - CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service.\n\n - CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface.\n\n - CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service.\n\n - CVE-2010-1748 Information disclosure in the web interface.\n\n - CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files.\n\n - CVE-2010-2432 Denial of service in the authentication code.\n\n - CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code.", "reporter": "Tenable", "published": "2011-03-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "nessus", "title": "Debian DSA-2176-1 : cups - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2941", "CVE-2010-2432", "CVE-2008-5183", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553", "CVE-2010-2431"], "cpe": ["p-cpe:/a:debian:debian_linux:cups", "cpe:/o:debian:debian_linux:5.0"], "modified": "2014-08-20T00:00:00", "id": "DEBIAN_DSA-2176.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52484", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2176. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52484);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/08/20 15:05:35 $\");\n\n script_cve_id(\"CVE-2008-5183\", \"CVE-2009-3553\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2010-2941\");\n script_bugtraq_id(32419, 37048, 40889, 40897, 40943, 41126, 41131, 44530);\n script_osvdb_id(50351, 60204, 65555, 65569, 65692, 65698, 65699, 68951);\n script_xref(name:\"DSA\", value:\"2176\");\n\n script_name(english:\"Debian DSA-2176-1 : cups - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Common UNIX\nPrinting System :\n\n - CVE-2008-5183\n A NULL pointer dereference in RSS job completion\n notifications could lead to denial of service.\n\n - CVE-2009-3553\n It was discovered that incorrect file descriptor\n handling could lead to denial of service.\n\n - CVE-2010-0540\n A cross-site request forgery vulnerability was\n discovered in the web interface.\n\n - CVE-2010-0542\n Incorrect memory management in the filter subsystem\n could lead to denial of service.\n\n - CVE-2010-1748\n Information disclosure in the web interface.\n\n - CVE-2010-2431\n Emmanuel Bouillon discovered a symlink vulnerability in\n handling of cache files.\n\n - CVE-2010-2432\n Denial of service in the authentication code.\n\n - CVE-2010-2941\n Incorrect memory management in the IPP code could lead\n to denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2011/dsa-2176\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cups packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny9.\n\nThe stable distribution (squeeze) and the unstable distribution (sid)\nhad already been fixed prior to the initial Squeeze release.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"cups\", reference:\"1.3.8-1+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:41:22", "references": ["http://www.debian.org/security/2010/dsa-2080"], "pluginID": "48223", "edition": 3, "description": "Several security issues have been discovered in Ghostscript, a GPL PostScript/PDF interpreter, which might lead to the execution of arbitrary code if a user processes a malformed PDF or Postscript file.", "reporter": "Tenable", "published": "2010-08-03T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "nessus", "title": "Debian DSA-2080-1 : ghostscript - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0196", "CVE-2009-4270", "CVE-2009-0792", "CVE-2008-3522", "CVE-2007-6725", "CVE-2008-6679", "CVE-2010-1869"], "cpe": ["p-cpe:/a:debian:debian_linux:ghostscript", "cpe:/o:debian:debian_linux:5.0"], "modified": "2016-12-06T00:00:00", "id": "DEBIAN_DSA-2080.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=48223", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2080. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(48223);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/06 20:25:07 $\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-3522\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-4270\", \"CVE-2010-1869\");\n script_bugtraq_id(31470, 34184, 34337, 34340, 34445, 37410, 40103);\n script_osvdb_id(49890, 53492, 53586, 53618, 56412, 61140, 64543);\n script_xref(name:\"DSA\", value:\"2080\");\n\n script_name(english:\"Debian DSA-2080-1 : ghostscript - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues have been discovered in Ghostscript, a GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2080\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ghostscript packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-doc\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-x\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-aladdin\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-common\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-esp\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-gpl\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs-dev\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs8\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:33:11", "references": ["http://www.debian.org/security/2010/dsa-2058", "https://security-tracker.debian.org/tracker/CVE-2010-0830", "https://security-tracker.debian.org/tracker/CVE-2009-4881", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583908", "https://security-tracker.debian.org/tracker/CVE-2009-4880", "https://security-tracker.debian.org/tracker/CVE-2008-1391", "https://security-tracker.debian.org/tracker/CVE-2010-0296"], "pluginID": "46861", "description": "Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-1391, CVE-2009-4880, CVE-2009-4881 Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon family of functions. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service.\n\n - CVE-2010-0296 Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges.\n\n - CVE-2010-0830 Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.", "edition": 2, "reporter": "Tenable", "published": "2010-06-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "Debian DSA-2058-1 : glibc, eglibc - multiple vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4881", "CVE-2010-0296", "CVE-2010-0830", "CVE-2009-4880", "CVE-2008-1391"], "cpe": ["p-cpe:/a:debian:debian_linux:eglibc", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:glibc"], "modified": "2014-05-03T00:00:00", "id": "DEBIAN_DSA-2058.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46861", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2058. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46861);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/05/03 11:20:11 $\");\n\n script_cve_id(\"CVE-2008-1391\", \"CVE-2009-4880\", \"CVE-2009-4881\", \"CVE-2010-0296\", \"CVE-2010-0830\");\n script_bugtraq_id(36443, 40063);\n script_osvdb_id(65078);\n script_xref(name:\"DSA\", value:\"2058\");\n\n script_name(english:\"Debian DSA-2058-1 : glibc, eglibc - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the GNU C Library (aka\nglibc) and its derivatives. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2008-1391, CVE-2009-4880, CVE-2009-4881\n Maksymilian Arciemowicz discovered that the GNU C\n library did not correctly handle integer overflows in\n the strfmon family of functions. If a user or automated\n system were tricked into processing a specially crafted\n format string, a remote attacker could crash\n applications, leading to a denial of service.\n\n - CVE-2010-0296\n Jeff Layton and Dan Rosenberg discovered that the GNU C\n library did not correctly handle newlines in the mntent\n family of functions. If a local attacker were able to\n inject newlines into a mount entry through other\n vulnerable mount helpers, they could disrupt the system\n or possibly gain root privileges.\n\n - CVE-2010-0830\n Dan Rosenberg discovered that the GNU C library did not\n correctly validate certain ELF program headers. If a\n user or automated system were tricked into verifying a\n specially crafted ELF program, a remote attacker could\n execute arbitrary code with user privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2058\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the glibc or eglibc packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.7-18lenny4 of the glibc package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"glibc-doc\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"glibc-source\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-amd64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dbg\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-amd64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-i386\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-mips64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-mipsn32\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-ppc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-s390x\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-dev-sparc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-i386\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-i686\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-mips64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-mipsn32\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-pic\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-ppc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-prof\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-s390x\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-sparc64\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-sparcv9b\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6-xen\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-alphaev67\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-dbg\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-dev\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-pic\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libc6.1-prof\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"locales\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"locales-all\", reference:\"2.7-18lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"nscd\", reference:\"2.7-18lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-29T13:36:24", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7252", "https://security-tracker.debian.org/tracker/CVE-2008-7251", "https://security-tracker.debian.org/tracker/CVE-2009-4605", "http://www.debian.org/security/2010/dsa-2034"], "pluginID": "45556", "description": "Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-7251 phpMyAdmin may create a temporary directory, if the configured directory does not exist yet, with insecure filesystem permissions.\n\n - CVE-2008-7252 phpMyAdmin uses predictable filenames for temporary files, which may lead to a local denial of service attack or privilege escalation.\n\n - CVE-2009-4605 The setup.php script shipped with phpMyAdmin may unserialize untrusted data, allowing for cross site request forgery.", "edition": 2, "reporter": "Tenable", "published": "2010-04-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Debian DSA-2034-1 : phpmyadmin - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7252", "CVE-2009-4605", "CVE-2008-7251"], "cpe": ["p-cpe:/a:debian:debian_linux:phpmyadmin", "cpe:/o:debian:debian_linux:5.0"], "modified": "2014-05-03T00:00:00", "id": "DEBIAN_DSA-2034.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45556", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2034. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45556);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2014/05/03 11:20:11 $\");\n\n script_cve_id(\"CVE-2008-7251\", \"CVE-2008-7252\", \"CVE-2009-4605\");\n script_bugtraq_id(37826);\n script_osvdb_id(61859, 61860, 61861);\n script_xref(name:\"DSA\", value:\"2034\");\n\n script_name(english:\"Debian DSA-2034-1 : phpmyadmin - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in phpMyAdmin, a tool to\nadminister MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2008-7251\n phpMyAdmin may create a temporary directory, if the\n configured directory does not exist yet, with insecure\n filesystem permissions.\n\n - CVE-2008-7252\n phpMyAdmin uses predictable filenames for temporary\n files, which may lead to a local denial of service\n attack or privilege escalation.\n\n - CVE-2009-4605\n The setup.php script shipped with phpMyAdmin may\n unserialize untrusted data, allowing for cross site\n request forgery.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2034\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion phpmyadmin 2.11.8.1-5+lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"phpmyadmin\", reference:\"2.11.8.1-5+lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:38:51", "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528543", "http://www.debian.org/security/2010/dsa-2036", "https://security-tracker.debian.org/tracker/CVE-2008-3521"], "pluginID": "45558", "description": "It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption.\n\nBesides addressing this vulnerability, this updates also addresses a regression introduced in the security fix for CVE-2008-3521, applied before Debian Lenny's release, that could cause errors when reading some JPEG input files.", "edition": 2, "reporter": "Tenable", "published": "2010-04-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Debian DSA-2036-1 : jasper - programming error", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2721"], "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:jasper"], "modified": "2014-05-03T00:00:00", "id": "DEBIAN_DSA-2036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45558", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2036. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45558);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/05/03 11:20:11 $\");\n\n script_cve_id(\"CVE-2007-2721\");\n script_osvdb_id(36137);\n script_xref(name:\"DSA\", value:\"2036\");\n\n script_name(english:\"Debian DSA-2036-1 : jasper - programming error\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the JasPer JPEG-2000 runtime library allowed an\nattacker to create a crafted input file that could lead to denial of\nservice and heap corruption.\n\nBesides addressing this vulnerability, this updates also addresses a\nregression introduced in the security fix for CVE-2008-3521, applied\nbefore Debian Lenny's release, that could cause errors when reading\nsome JPEG input files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2036\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jasper package.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.900.1-5.1+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libjasper-dev\", reference:\"1.900.1-5.1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libjasper-runtime\", reference:\"1.900.1-5.1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libjasper1\", reference:\"1.900.1-5.1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-29T13:40:54", "references": ["http://www.debian.org/security/2010/dsa-2029", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"], "pluginID": "45428", "edition": 2, "description": "It was discovered that imlib2, a library to load and process several image formats, did not properly process various image file types.\n\nSeveral heap and stack based buffer overflows - partly due to integer overflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can lead to the execution of arbitrary code via crafted image files.", "reporter": "Tenable", "published": "2010-04-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "Debian DSA-2029-1 : imlib2 - several vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6079"], "cpe": ["p-cpe:/a:debian:debian_linux:imlib2", "cpe:/o:debian:debian_linux:5.0"], "modified": "2013-05-17T00:00:00", "id": "DEBIAN_DSA-2029.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45428", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2029. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45428);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:54:24 $\");\n\n script_cve_id(\"CVE-2008-6079\");\n script_xref(name:\"DSA\", value:\"2029\");\n\n script_name(english:\"Debian DSA-2029-1 : imlib2 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that imlib2, a library to load and process several\nimage formats, did not properly process various image file types.\n\nSeveral heap and stack based buffer overflows - partly due to integer\noverflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can\nlead to the execution of arbitrary code via crafted image files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2029\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (lenny), this problem has been fixed in\nversion 1.4.0-1.2+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imlib2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libimlib2\", reference:\"1.4.0-1.2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libimlib2-dev\", reference:\"1.4.0-1.2+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:44:16", "references": ["http://www.debian.org/security/2009/dsa-1858", "https://security-tracker.debian.org/tracker/CVE-2008-1097", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=412945", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530838", "https://security-tracker.debian.org/tracker/CVE-2007-4987", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444267", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418057", "https://security-tracker.debian.org/tracker/CVE-2007-4985", "https://security-tracker.debian.org/tracker/CVE-2009-1882", "https://security-tracker.debian.org/tracker/CVE-2007-4986", "https://security-tracker.debian.org/tracker/CVE-2007-1797", "https://security-tracker.debian.org/tracker/CVE-2007-1667", "https://security-tracker.debian.org/tracker/CVE-2007-4988", "https://security-tracker.debian.org/tracker/CVE-2008-1096"], "pluginID": "44723", "description": "Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch).\n\n - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch).\n\n - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function.\n It only affects the oldstable distribution (etch).\n\n - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch).\n\n - CVE-2007-4987 Off-by-one error allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\\0' character to an out-of-bounds address. It affects only the oldstable distribution (etch).\n\n - CVE-2007-4988 A sign extension error allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. It affects only the oldstable distribution (etch).\n\n - CVE-2008-1096 The load_tile function in the XCF coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write. It affects only to oldstable (etch).\n\n - CVE-2008-1097 Heap-based buffer overflow in the PCX coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. It affects only to oldstable (etch).\n\n - CVE-2009-1882 Integer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.", "edition": 3, "reporter": "Tenable", "published": "2010-02-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "nessus", "title": "Debian DSA-1858-1 : imagemagick - multiple vulnerabilities", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4985", "CVE-2007-4986", "CVE-2007-1667", "CVE-2007-4988", "CVE-2007-4987", "CVE-2008-1096", "CVE-2008-1097", "CVE-2007-1797", "CVE-2009-1882"], "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:imagemagick"], "modified": "2016-12-06T00:00:00", "id": "DEBIAN_DSA-1858.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44723", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1858. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44723);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/12/06 20:12:52 $\");\n\n script_cve_id(\"CVE-2007-1667\", \"CVE-2007-1797\", \"CVE-2007-4985\", \"CVE-2007-4986\", \"CVE-2007-4987\", \"CVE-2007-4988\", \"CVE-2008-1096\", \"CVE-2008-1097\", \"CVE-2009-1882\");\n script_bugtraq_id(23300, 23347, 25763, 25764, 25765, 25766, 28821, 28822, 35111);\n script_osvdb_id(43213);\n script_xref(name:\"DSA\", value:\"1858\");\n\n script_name(english:\"Debian DSA-1858-1 : imagemagick - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the imagemagick image\nmanipulation programs which can lead to the execution of arbitrary\ncode, exposure of sensitive information or cause DoS. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2007-1667\n Multiple integer overflows in XInitImage function in\n xwd.c for ImageMagick, allow user-assisted remote\n attackers to cause a denial of service (crash) or obtain\n sensitive information via crafted images with large or\n negative values that trigger a buffer overflow. It only\n affects the oldstable distribution (etch).\n\n - CVE-2007-1797\n Multiple integer overflows allow remote attackers to\n execute arbitrary code via a crafted DCM image, or the\n colors or comments field in a crafted XWD image. It only\n affects the oldstable distribution (etch).\n\n - CVE-2007-4985\n A crafted image file can trigger an infinite loop in the\n ReadDCMImage function or in the ReadXCFImage function.\n It only affects the oldstable distribution (etch).\n\n - CVE-2007-4986\n Multiple integer overflows allow context-dependent\n attackers to execute arbitrary code via a crafted .dcm,\n .dib, .xbm, .xcf, or .xwd image file, which triggers a\n heap-based buffer overflow. It only affects the\n oldstable distribution (etch).\n\n - CVE-2007-4987\n Off-by-one error allows context-dependent attackers to\n execute arbitrary code via a crafted image file, which\n triggers the writing of a '\\0' character to an\n out-of-bounds address. It affects only the oldstable\n distribution (etch).\n\n - CVE-2007-4988\n A sign extension error allows context-dependent\n attackers to execute arbitrary code via a crafted width\n value in an image file, which triggers an integer\n overflow and a heap-based buffer overflow. It affects\n only the oldstable distribution (etch).\n\n - CVE-2008-1096\n The load_tile function in the XCF coder allows\n user-assisted remote attackers to cause a denial of\n service or possibly execute arbitrary code via a crafted\n .xcf file that triggers an out-of-bounds heap write. It\n affects only to oldstable (etch).\n\n - CVE-2008-1097\n Heap-based buffer overflow in the PCX coder allows\n user-assisted remote attackers to cause a denial of\n service or possibly execute arbitrary code via a crafted\n .pcx file that triggers incorrect memory allocation for\n the scanline array, leading to memory corruption. It\n affects only to oldstable (etch).\n\n - CVE-2009-1882\n Integer overflow allows remote attackers to cause a\n denial of service (crash) and possibly execute arbitrary\n code via a crafted TIFF file, which triggers a buffer\n overflow.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=412945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1858\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the imagemagick packages.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 7:6.2.4.5.dfsg1-0.15+etch1.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 7:6.3.7.9.dfsg2-1~lenny3.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n7:6.5.1.0-1.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"imagemagick\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmagick++9-dev\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmagick++9c2a\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmagick9\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmagick9-dev\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perlmagick\", reference:\"7:6.2.4.5.dfsg1-0.15+etch1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"imagemagick\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmagick++10\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmagick++9-dev\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmagick10\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmagick9-dev\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"perlmagick\", reference:\"7:6.3.7.9.dfsg2-1~lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}}