Search...

Debian DSA-2044-1 : mplayer - integer overflow

2010-05-12T00:00:00

ID DEBIAN_DSA-2044.NASL
Type nessus
Reporter Tenable
Modified 2018-11-10T00:00:00

Description

tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.

No Common Vulnerabilities and Exposures project identifier is available for this issue.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2044. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(46315);
  script_version("1.8");
  script_cvs_date("Date: 2018/11/10 11:49:34");

  script_xref(name:"DSA", value:"2044");

  script_name(english:"Debian DSA-2044-1 : mplayer - integer overflow");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie
player. Missing data validation in mplayer's real data transport (RDT)
implementation enable an integer underflow and consequently an
unbounded buffer operation. A maliciously crafted stream could thus
enable an attacker to execute arbitrary code.

No Common Vulnerabilities and Exposures project identifier is
available for this issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2010/dsa-2044"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the mplayer packages.

For the stable distribution (lenny), this problem has been fixed in
version 1.0~rc2-17+lenny3.2."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mplayer");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/05/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"mplayer", reference:"1.0~rc2-17+lenny3.2")) flag++;
if (deb_check(release:"5.0", prefix:"mplayer-dbg", reference:"1.0~rc2-17+lenny3.2")) flag++;
if (deb_check(release:"5.0", prefix:"mplayer-doc", reference:"1.0~rc2-17+lenny3.2")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DSA-2044.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "published": "2010-05-12T00:00:00", "modified": "2018-11-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "reporter": "Tenable", "references": ["https://www.debian.org/security/2010/dsa-2044"], "cvelist": [], "type": "nessus", "lastseen": "2019-02-21T01:13:22", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6ae850a84c75f94e131533885fb863eec702fe1e897693b86e98ab46f09747fa", "hashmap": [{"hash": "c2d00300af3e3b44a5027cef42ab6241", "key": "description"}, {"hash": "67b65da2381717dac2a2bad9837ef831", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "74a9880a14a307e6fcc7ccca62ba311a", "key": "references"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "49c25d88cd615a4e446001422115c16f", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "a03d359fb0b4e439f50091cee1f89df6", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2018-08-10T17:35:41", "modified": "2018-08-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["http://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["sourceData"], "edition": 3, "lastseen": "2018-08-10T17:35:41"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "edition": 1, "enchantments": {}, "hash": "0685f0b7ab09e7a952bee11b236d050e94add2f7ae4ddafde7273fa907dfb90d", "hashmap": [{"hash": "7b438f5e51085f7305a0442f742ce0d0", "key": "sourceData"}, {"hash": "c2d00300af3e3b44a5027cef42ab6241", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "74a9880a14a307e6fcc7ccca62ba311a", "key": "references"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "6754357a39a380a6245dfd44704e115e", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2016-09-26T17:26:45", "modified": "2013-11-21T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.2", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["http://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2013/11/21 11:45:12 $\");\n\n script_osvdb_id(56605);\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:45"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "2a52205f07de064d5bd22d5299eb1b05c075a472bda9fe39e704aca7a0e8d6f8", "hashmap": [{"hash": "c2d00300af3e3b44a5027cef42ab6241", "key": "description"}, {"hash": "67b65da2381717dac2a2bad9837ef831", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "fdd801b8eaa8ea3549d79235ecaf9ab0", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "5e1a7170ae0ef4d92583e6685acf8461", "key": "references"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2018-11-11T13:08:22", "modified": "2018-11-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["https://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-11-11T13:08:22"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:10:37", "references": [{"idList": ["5023F559-27E2-11E5-A4A5-002590263BF5"], "type": "freebsd"}, {"idList": ["SUSE_11_XEN-201503-150330.NASL", "OPENSUSE-2015-434.NASL", "FEDORA_2015-3721.NASL", "SUSE_SU-2015-0744-1.NASL", "DEBIAN_DSA-3181.NASL", "ORACLEVM_OVMSA-2015-0028.NASL", "ORACLEVM_OVMSA-2015-0068.NASL", "FEDORA_2015-3944.NASL", "SUSE_SU-2015-0745-1.NASL", "SUSE_SU-2015-0613-1.NASL"], "type": "nessus"}, {"idList": ["CVE-2012-2133", "CVE-2015-2044"], "type": "cve"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "971d7e8ae9dfc18614c94e870065ee44940d9739762a0a349994d71b554fc1de", "hashmap": [{"hash": "67b65da2381717dac2a2bad9837ef831", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "fdd801b8eaa8ea3549d79235ecaf9ab0", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "5e1a7170ae0ef4d92583e6685acf8461", "key": "references"}, {"hash": "16563f5e402c62baa08bfb3cb010fe76", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2019-01-16T20:10:37", "modified": "2018-11-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["https://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:10:37"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "77b766f8a4ee05ae91a55d7c4ffb53dfcf0568c1eba8fb396328900d9c90a339", "hashmap": [{"hash": "7b438f5e51085f7305a0442f742ce0d0", "key": "sourceData"}, {"hash": "c2d00300af3e3b44a5027cef42ab6241", "key": "description"}, {"hash": "67b65da2381717dac2a2bad9837ef831", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "74a9880a14a307e6fcc7ccca62ba311a", "key": "references"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "6754357a39a380a6245dfd44704e115e", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2017-10-29T13:46:02", "modified": "2013-11-21T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["http://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2013/11/21 11:45:12 $\");\n\n script_osvdb_id(56605);\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:46:02"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport (RDT) implementation enable an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is available for this issue.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a3f6ed2c547ba6dd97bf14ed1cc6f359bbab06ceed7e4c4a69ff58376593bab9", "hashmap": [{"hash": "c2d00300af3e3b44a5027cef42ab6241", "key": "description"}, {"hash": "67b65da2381717dac2a2bad9837ef831", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b43e2dca7acedf6ea6bb527877e3e75", "key": "href"}, {"hash": "74a9880a14a307e6fcc7ccca62ba311a", "key": "references"}, {"hash": "3276149f259ae13ba33080c384c5e9d8", "key": "title"}, {"hash": "fdd801b8eaa8ea3549d79235ecaf9ab0", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "a03d359fb0b4e439f50091cee1f89df6", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "a577349580779b4a1d0146250bf13ed7", "key": "pluginID"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "8a00ba0e38fa9989bca8d69602eac8a9", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=46315", "id": "DEBIAN_DSA-2044.NASL", "lastseen": "2018-11-11T08:45:14", "modified": "2018-08-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "46315", "published": "2010-05-12T00:00:00", "references": ["http://www.debian.org/security/2010/dsa-2044"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-2044-1 : mplayer - integer overflow", "type": "nessus", "viewCount": 1}, "differentElements": ["references", "modified"], "edition": 4, "lastseen": "2018-11-11T08:45:14"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "67b65da2381717dac2a2bad9837ef831"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "c2d00300af3e3b44a5027cef42ab6241"}, {"key": "href", "hash": "2b43e2dca7acedf6ea6bb527877e3e75"}, {"key": "modified", "hash": "3c764d4cf584f9ded7aa4dcca57c78ff"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "a577349580779b4a1d0146250bf13ed7"}, {"key": "published", "hash": "8a00ba0e38fa9989bca8d69602eac8a9"}, {"key": "references", "hash": "5e1a7170ae0ef4d92583e6685acf8461"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "fdd801b8eaa8ea3549d79235ecaf9ab0"}, {"key": "title", "hash": "3276149f259ae13ba33080c384c5e9d8"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "2a52205f07de064d5bd22d5299eb1b05c075a472bda9fe39e704aca7a0e8d6f8", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310131256", "OPENVAS:1361412562310850866", "OPENVAS:1361412562310121371", "OPENVAS:1361412562310850674", "OPENVAS:1361412562310869858", "OPENVAS:1361412562310869777", "OPENVAS:1361412562310869462", "OPENVAS:1361412562310869464", "OPENVAS:1361412562310869445", "OPENVAS:1361412562310869433"]}, {"type": "nessus", "idList": ["FEDORA_2016-E1FE01E96E.NASL", "FEDORA_2016-E55278763E.NASL", "FREEBSD_PKG_5023F55927E211E5A4A5002590263BF5.NASL", "OPENSUSE-2015-434.NASL", "ORACLEVM_OVMSA-2015-0068.NASL", "SUSE_SU-2015-0744-1.NASL", "SUSE_SU-2015-0747-1.NASL", "SUSE_SU-2015-0613-1.NASL"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:1092-1"]}], "modified": "2019-02-21T01:13:22"}, "score": {"value": 2.7, "vector": "NONE", "modified": "2019-02-21T01:13:22"}, "vulnersScore": 2.7}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2044. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46315);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_xref(name:\"DSA\", value:\"2044\");\n\n script_name(english:\"Debian DSA-2044-1 : mplayer - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tixxDZ (DZCORE labs) discovered a vulnerability in the mplayer movie\nplayer. Missing data validation in mplayer's real data transport (RDT)\nimplementation enable an integer underflow and consequently an\nunbounded buffer operation. A maliciously crafted stream could thus\nenable an attacker to execute arbitrary code.\n\nNo Common Vulnerabilities and Exposures project identifier is\navailable for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0~rc2-17+lenny3.2.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mplayer\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-dbg\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc2-17+lenny3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "46315", "cpe": ["p-cpe:/a:debian:debian_linux:mplayer", "cpe:/o:debian:debian_linux:5.0"], "scheme": null}

{"openvas": [{"lastseen": "2019-05-29T18:35:43", "bulletinFamily": "scanner", "description": "Mageia Linux Local Security Checks mgasa-2016-0098", "modified": "2019-03-14T00:00:00", "published": "2016-03-08T00:00:00", "id": "OPENVAS:1361412562310131256", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131256", "title": "Mageia Linux Local Check: mgasa-2016-0098", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0098.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131256\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 07:15:19 +0200 (Tue, 08 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0098\");\n script_tag(name:\"insight\", value:\"This xen update is based on upstream 4.5.2 maintenance release, and fixes various security issues.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0098.html\");\n script_cve_id(\"CVE-2015-0268\", \"CVE-2015-1563\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2150\", \"CVE-2015-2151\", \"CVE-2015-2152\", \"CVE-2015-2751\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-3209\", \"CVE-2015-3259\", \"CVE-2015-3340\", \"CVE-2015-3456\", \"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\", \"CVE-2015-4163\", \"CVE-2015-4164\", \"CVE-2015-5154\", \"CVE-2015-5165\", \"CVE-2015-5166\", \"CVE-2015-5307\", \"CVE-2015-6654\", \"CVE-2015-7311\", \"CVE-2015-7504\", \"CVE-2015-7812\", \"CVE-2015-7813\", \"CVE-2015-7814\", \"CVE-2015-7835\", \"CVE-2015-7969\", \"CVE-2015-7970\", \"CVE-2015-7971\", \"CVE-2015-7972\", \"CVE-2015-8104\", \"CVE-2015-8338\", \"CVE-2015-8339\", \"CVE-2015-8340\", \"CVE-2015-8550\", \"CVE-2015-8555\", \"CVE-2016-1570\", \"CVE-2016-1571\", \"CVE-2016-2270\", \"CVE-2016-2271\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0098\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.5.2~1.5.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310850866", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850866", "title": "SuSE Update for Xen SUSE-SU-2015:0613-1 (Xen)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_0613_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Xen SUSE-SU-2015:0613-1 (Xen)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850866\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:15:39 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-3615\", \"CVE-2014-9065\", \"CVE-2014-9066\", \"CVE-2015-0361\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2152\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for Xen SUSE-SU-2015:0613-1 (Xen)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The XEN hypervisor received updates to fix various security issues and\n bugs.\n\n The following security issues were fixed:\n\n - CVE-2015-2151: XSA-123: A hypervisor memory corruption due to x86\n emulator flaw.\n\n - CVE-2015-2045: XSA-122: Information leak through version information\n hypercall.\n\n - CVE-2015-2044: XSA-121: Information leak via internal x86 system device\n emulation.\n\n - CVE-2015-2152: XSA-119: HVM qemu was unexpectedly enabling emulated VGA\n graphics backends.\n\n - CVE-2014-3615: Information leakage when guest sets high graphics\n resolution.\n\n - CVE-2015-0361: XSA-116: A xen crash due to use after free on hvm guest\n teardown.\n\n - CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation.\n\n Also the following bugs were fixed:\n\n - bnc#919098 - XEN blktap device intermittently fails to connect\n\n - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus\n\n - bnc#903680 - Problems with detecting free loop devices on Xen guest\n startup\n\n - bnc#861318 - xentop reports 'Found interface vif101.0 but domain 101\n does not exist.'\n\n - Update seabios to rel-1.7.3.1 which is the correct version for Xen 4.4\n\n - Enhancement to virsh/libvirtd 'send-key' command The xen side small fix.\n (FATE#317240)\n\n - bnc#901488 - Intel ixgbe driver assigns rx/tx queues per core resulting\n in irq problems on servers with a large amount of CPU cores\n\n - bnc#910254 - SLES11 SP3 Xen VT-d igb NIC doesn't work\n\n - Add domain_migrate_constraints_set API to Xend's http interface\n (FATE#317239)\n\n - Restore missing fixes from block-dmmd script\n\n - bnc#904255 - XEN boot hangs in early boot on UEFI system\n\n - bsc#912011 - high ping latency after upgrade to latest SLES11SP3 on xen\n Dom0\n\n - Fix missing banner by restoring the figlet program.\");\n script_tag(name:\"affected\", value:\"Xen on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0613_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"SLED12.0SP0\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.4.1_10_k3.12.36_38~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.4.1_10_k3.12.36_38~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.4.1_10~9.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"SLES12.0SP0\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.4.1_10_k3.12.36_38~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.4.1_10_k3.12.36_38~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.4.1_10~9.1\", rls:\"SLES12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:02", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201504-04", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121371", "title": "Gentoo Security Advisory GLSA 201504-04", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201504-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121371\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:46 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201504-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201504-04\");\n script_cve_id(\"CVE-2013-2212\", \"CVE-2013-3495\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-5146\", \"CVE-2014-5149\", \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\", \"CVE-2014-9065\", \"CVE-2014-9066\", \"CVE-2015-0361\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2152\", \"CVE-2015-2751\", \"CVE-2015-2752\", \"CVE-2015-2756\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201504-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-emulation/xen\", unaffected: make_list(\"ge 4.4.2-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-emulation/xen\", unaffected: make_list(\"ge 4.2.5-r8\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-emulation/xen\", unaffected: make_list(), vulnerable: make_list(\"lt 4.4.2-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:29", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-09-18T00:00:00", "id": "OPENVAS:1361412562310850674", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850674", "title": "SuSE Update for xen openSUSE-SU-2015:1092-1 (xen)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_1092_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for xen openSUSE-SU-2015:1092-1 (xen)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850674\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 10:29:15 +0200 (Fri, 18 Sep 2015)\");\n script_cve_id(\"CVE-2014-3615\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2152\", \"CVE-2015-2751\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-3209\", \"CVE-2015-3340\", \"CVE-2015-3456\", \"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\", \"CVE-2015-4163\", \"CVE-2015-4164\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for xen openSUSE-SU-2015:1092-1 (xen)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security\n bugs.\n\n The following vulnerabilities were fixed:\n\n * CVE-2015-4103: Potential unintended writes to host MSI message data\n field via qemu (XSA-128) (boo#931625)\n\n * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests\n (XSA-129) (boo#931626)\n\n * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages\n (XSA-130) (boo#931627)\n\n * CVE-2015-4106: Unmediated PCI register access in qemu (XSA-131)\n (boo#931628)\n\n * CVE-2015-4164: DoS through iret hypercall handler (XSA-136) (boo#932996)\n\n * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior (XSA-134)\n (boo#932790)\n\n * CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to\n host escape (XSA-135) (boo#932770)\n\n * CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation,\n which could be used to denial of service attacks or potential code\n execution against the host. ()\n\n * CVE-2015-3340: Xen did not initialize certain fields, which allowed\n certain remote service domains to obtain sensitive information from\n memory via a (1) XEN_DOMCTL_gettscinfo or (2)\n XEN_SYSCTL_getdomaininfolist request. ()\n\n * CVE-2015-2752: Long latency MMIO mapping operations are not preemptible\n (XSA-125 boo#922705)\n\n * CVE-2015-2756: Unmediated PCI command register access in qemu (XSA-126\n boo#922706)\n\n * CVE-2015-2751: Certain domctl operations may be abused to lock up the\n host (XSA-127 boo#922709)\n\n * CVE-2015-2151: Hypervisor memory corruption due to x86 emulator flaw\n (boo#919464 XSA-123)\n\n * CVE-2015-2045: Information leak through version information hypercall\n (boo#918998 XSA-122)\n\n * CVE-2015-2044: Information leak via internal x86 system device emulation\n (boo#918995 (XSA-121)\n\n * CVE-2015-2152: HVM qemu unexpectedly enabling emulated VGA graphics\n backends (boo#919663 XSA-119)\n\n * CVE-2014-3615: information leakage when guest sets high resolution\n (boo#895528)\n\n The following non-security bugs were fixed:\n\n * xentop: Fix memory leak on read failure\n\n * boo#923758: xen dmesg contains bogus output in early boot\n\n * boo#921842: Xentop doesn't display disk statistics for VMs using qdisks\n\n * boo#919098: L3: XEN blktap device intermittently fails to connect\n\n * boo#882089: Windows 2012 R2 fails to boot up with greater than 60 vcpus\n\n * boo#903680: Problems with detecting free loop devices on Xen guest\n startup\n\n * boo#861318: xentop reports 'Found interface vif101.0 but domain 101 does\n not exist.'\n\n * boo#901488: Intel ixgbe driver assigns rx/tx queues per core resulting\n in irq problems on servers with a ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"xen on openSUSE 13.2\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1092_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.4.2_06_k3.16.7_21~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.4.2_06_k3.16.7_21~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-desktop\", rpm:\"xen-kmp-desktop~4.4.2_06_k3.16.7_21~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-desktop-debuginfo\", rpm:\"xen-kmp-desktop-debuginfo~4.4.2_06_k3.16.7_21~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.4.2_06~23.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:30", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-08-13T00:00:00", "id": "OPENVAS:1361412562310869858", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869858", "title": "Fedora Update for xen FEDORA-2015-12714", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-12714\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869858\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-13 06:37:06 +0200 (Thu, 13 Aug 2015)\");\n script_cve_id(\"CVE-2015-5154\", \"CVE-2015-3259\", \"CVE-2015-3209\", \"CVE-2015-4163\",\n \"CVE-2015-4164\", \"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\",\n \"CVE-2015-4106\", \"CVE-2015-3456\", \"CVE-2015-3340\", \"CVE-2015-2752\",\n \"CVE-2015-2756\", \"CVE-2015-2751\", \"CVE-2015-2152\", \"CVE-2015-2151\",\n \"CVE-2015-1563\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-0361\",\n \"CVE-2014-9065\", \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\",\n \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-0150\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-12714\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-12714\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-August/163681.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.2~9.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:01", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-19T00:00:00", "id": "OPENVAS:1361412562310869777", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869777", "title": "Fedora Update for xen FEDORA-2015-11247", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-11247\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869777\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-19 06:37:48 +0200 (Sun, 19 Jul 2015)\");\n script_cve_id(\"CVE-2015-3259\", \"CVE-2015-3209\", \"CVE-2015-4163\", \"CVE-2015-4164\",\n \"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\",\n \"CVE-2015-3456\", \"CVE-2015-3340\", \"CVE-2015-2752\", \"CVE-2015-2756\",\n \"CVE-2015-2751\", \"CVE-2015-2152\", \"CVE-2015-2151\", \"CVE-2015-1563\",\n \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-0361\", \"CVE-2014-9065\",\n \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\", \"CVE-2014-8594\",\n \"CVE-2014-8595\", \"CVE-2014-0150\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-11247\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11247\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162192.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.2~7.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-25T00:00:00", "id": "OPENVAS:1361412562310869462", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869462", "title": "Fedora Update for xen FEDORA-2015-9978", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-9978\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869462\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-25 06:29:54 +0200 (Thu, 25 Jun 2015)\");\n script_cve_id(\"CVE-2015-3209\", \"CVE-2015-4163\", \"CVE-2015-4164\", \"CVE-2015-4103\",\n \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\", \"CVE-2015-3456\",\n \"CVE-2015-3340\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-2751\",\n \"CVE-2015-2152\", \"CVE-2015-2151\", \"CVE-2015-1563\", \"CVE-2015-2044\",\n \"CVE-2015-2045\", \"CVE-2015-0361\", \"CVE-2014-9065\", \"CVE-2014-8866\",\n \"CVE-2014-8867\", \"CVE-2014-9030\", \"CVE-2014-8594\", \"CVE-2014-8595\",\n \"CVE-2014-0150\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-9978\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9978\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160677.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.2~6.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-25T00:00:00", "id": "OPENVAS:1361412562310869464", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869464", "title": "Fedora Update for xen FEDORA-2015-9965", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-9965\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869464\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-25 06:31:41 +0200 (Thu, 25 Jun 2015)\");\n script_cve_id(\"CVE-2015-3209\", \"CVE-2015-4163\", \"CVE-2015-4164\", \"CVE-2015-4103\",\n \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\", \"CVE-2015-3456\",\n \"CVE-2015-3340\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-2751\",\n \"CVE-2015-2152\", \"CVE-2015-2151\", \"CVE-2015-2044\", \"CVE-2015-2045\",\n \"CVE-2015-0361\", \"CVE-2014-9065\", \"CVE-2014-8866\", \"CVE-2014-8867\",\n \"CVE-2014-9030\", \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-0150\",\n \"CVE-2014-7188\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\",\n \"CVE-2014-5146\", \"CVE-2014-4021\", \"CVE-2014-3967\", \"CVE-2014-3968\",\n \"CVE-2014-3124\", \"CVE-2014-2599\", \"CVE-2013-2212\", \"CVE-2014-1950\",\n \"CVE-2014-1891\", \"CVE-2014-1892\", \"CVE-2014-1893\", \"CVE-2014-1894\",\n \"CVE-2014-1895\", \"CVE-2014-1896\", \"CVE-2014-1666\", \"CVE-2014-1642\",\n \"CVE-2013-6400\", \"CVE-2013-6885\", \"CVE-2013-4553\", \"CVE-2013-4554\",\n \"CVE-2013-6375\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-9965\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9965\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.4~6.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-15T00:00:00", "id": "OPENVAS:1361412562310869445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869445", "title": "Fedora Update for xen FEDORA-2015-9466", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-9466\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869445\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-15 06:11:02 +0200 (Mon, 15 Jun 2015)\");\n script_cve_id(\"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\",\n \"CVE-2015-3456\", \"CVE-2015-3340\", \"CVE-2015-2752\", \"CVE-2015-2756\",\n \"CVE-2015-2751\", \"CVE-2015-2152\", \"CVE-2015-2151\", \"CVE-2015-1563\",\n \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-0361\", \"CVE-2014-9065\",\n \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\", \"CVE-2014-8594\",\n \"CVE-2014-8595\", \"CVE-2014-0150\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-9466\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9466\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.4.2~5.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:59", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310869433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869433", "title": "Fedora Update for xen FEDORA-2015-8252", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2015-8252\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869433\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:57:49 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-3456\", \"CVE-2015-3340\", \"CVE-2015-2752\", \"CVE-2015-2756\",\n \"CVE-2015-2751\", \"CVE-2015-2152\", \"CVE-2015-2151\", \"CVE-2015-2044\",\n \"CVE-2015-2045\", \"CVE-2015-0361\", \"CVE-2014-9065\", \"CVE-2014-8866\",\n \"CVE-2014-8867\", \"CVE-2014-9030\", \"CVE-2014-8594\", \"CVE-2014-8595\",\n \"CVE-2014-0150\", \"CVE-2014-7188\", \"CVE-2014-7154\", \"CVE-2014-7155\",\n \"CVE-2014-7156\", \"CVE-2014-5146\", \"CVE-2014-4021\", \"CVE-2014-3967\",\n \"CVE-2014-3968\", \"CVE-2014-3124\", \"CVE-2014-2599\", \"CVE-2013-2212\",\n \"CVE-2014-1950\", \"CVE-2014-1891\", \"CVE-2014-1892\", \"CVE-2014-1893\",\n \"CVE-2014-1894\", \"CVE-2014-1895\", \"CVE-2014-1896\", \"CVE-2014-1666\",\n \"CVE-2014-1642\", \"CVE-2013-6400\", \"CVE-2013-6885\", \"CVE-2013-4553\",\n \"CVE-2013-4554\", \"CVE-2013-6375\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2015-8252\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-8252\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158562.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.4~4.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-02-21T01:26:18", "bulletinFamily": "scanner", "description": "phpMyAdmin 4.5.4 (2016-01-28) ============================= - live data edit of big sets is not working - Table list not saved in db QBE bookmarked search - While 'changing a column', query fails with a syntax error after the 'CHARSET=' keyword - Avoid syntax error in JavaScript messages on invalid PHP setting for max_input_vars - Properly handle errors in upacking zip archive - Set PHP's internal encoding to UTF-8 - Fixed Kanji encoding in some specific cases - Check whether iconv works before using it - Avoid conversion of MySQL error messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns' (per column button) does nothing - SQL duplicate entry error trying to INSERT in designer_settings table - Fix handling of databases with dot in a name - Fix hiding of page content behind menu - FROM clause not generated after loading search bookmark - Fix creating/editing VIEW with DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES when server in --skip-grant-tables - Misleading message for configuration storage - Table pagination does nothing when session expired - Index comments not working properly - Better handle local storage errors - Improve detection of privileges for privilege adjusting - Undefined property: stdClass::$releases at version check when disabled in config - SQL comment and variable stripped from bookmark on save - Gracefully handle errors in regex based JavaScript search - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1 - [Security] Unsafe generation of CSRF token, see PMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see PMASA-2016-3 - [Security] Insecure password generation in JavaScript, see PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see PMASA-2016-5 - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in normalization page, see PMASA-2016-7 - [Security] Full path disclosure vulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS vulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-E1FE01E96E.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=89625", "published": "2016-03-04T00:00:00", "title": "Fedora 22 : phpMyAdmin-4.5.4-1.fc22 (2016-e1fe01e96e)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e1fe01e96e.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89625);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/10/18 17:03:07 $\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\", \"CVE-2016-2044\", \"CVE-2016-2045\");\n script_xref(name:\"FEDORA\", value:\"2016-e1fe01e96e\");\n\n script_name(english:\"Fedora 22 : phpMyAdmin-4.5.4-1.fc22 (2016-e1fe01e96e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip-grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302686\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f479b586\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"phpMyAdmin-4.5.4-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:26:18", "bulletinFamily": "scanner", "description": "phpMyAdmin 4.5.4.1 (2016-01-28) =============================== - Error with PMA 4.4.15.3 - Remove hard dependency on phpseclib phpMyAdmin 4.5.4 (2016-01-28) ============================= - live data edit of big sets is not working - Table list not saved in db QBE bookmarked search - While 'changing a column', query fails with a syntax error after the 'CHARSET=' keyword - Avoid syntax error in JavaScript messages on invalid PHP setting for max_input_vars - Properly handle errors in upacking zip archive - Set PHP's internal encoding to UTF-8 - Fixed Kanji encoding in some specific cases - Check whether iconv works before using it - Avoid conversion of MySQL error messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns' (per column button) does nothing - SQL duplicate entry error trying to INSERT in designer_settings table - Fix handling of databases with dot in a name - Fix hiding of page content behind menu - FROM clause not generated after loading search bookmark - Fix creating/editing VIEW with DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES when server in --skip- grant-tables - Misleading message for configuration storage - Table pagination does nothing when session expired - Index comments not working properly - Better handle local storage errors - Improve detection of privileges for privilege adjusting - Undefined property: stdClass::$releases at version check when disabled in config - SQL comment and variable stripped from bookmark on save - Gracefully handle errors in regex based JavaScript search - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1 - [Security] Unsafe generation of CSRF token, see PMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see PMASA-2016-3 - [Security] Insecure password generation in JavaScript, see PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see PMASA-2016-5 - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in normalization page, see PMASA-2016-7 - [Security] Full path disclosure vulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS vulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-E55278763E.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=89630", "published": "2016-03-04T00:00:00", "title": "Fedora 23 : phpMyAdmin-4.5.4.1-1.fc23 (2016-e55278763e)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e55278763e.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89630);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/10/18 17:03:08 $\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\", \"CVE-2016-2044\", \"CVE-2016-2045\");\n script_xref(name:\"FEDORA\", value:\"2016-e55278763e\");\n\n script_name(english:\"Fedora 23 : phpMyAdmin-4.5.4.1-1.fc23 (2016-e55278763e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.5.4.1 (2016-01-28) =============================== -\nError with PMA 4.4.15.3 - Remove hard dependency on phpseclib\nphpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip- grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302686\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?849850b3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"phpMyAdmin-4.5.4.1-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:24:33", "bulletinFamily": "scanner", "description": "The Xen Project reports :\n\nEmulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one.\nWhen the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor stack contents are copied into the destination of the operation, thus becoming visible to the guest.\n\nA malicious HVM guest might be able to read sensitive data relating to other guests.", "modified": "2018-11-10T00:00:00", "id": "FREEBSD_PKG_5023F55927E211E5A4A5002590263BF5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84701", "published": "2015-07-14T00:00:00", "title": "FreeBSD : xen-kernel -- Information leak via internal x86 system device emulation (5023f559-27e2-11e5-a4a5-002590263bf5)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84701);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:44\");\n\n script_cve_id(\"CVE-2015-2044\");\n\n script_name(english:\"FreeBSD : xen-kernel -- Information leak via internal x86 system device emulation (5023f559-27e2-11e5-a4a5-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Xen Project reports :\n\nEmulation routines in the hypervisor dealing with certain system\ndevices check whether the access size by the guest is a supported one.\nWhen the access size is unsupported these routines failed to set the\ndata to be returned to the guest for read accesses, so that hypervisor\nstack contents are copied into the destination of the operation, thus\nbecoming visible to the guest.\n\nA malicious HVM guest might be able to read sensitive data relating to\nother guests.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://xenbits.xen.org/xsa/advisory-121.html\"\n );\n # https://vuxml.freebsd.org/freebsd/5023f559-27e2-11e5-a4a5-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1d5ded1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:xen-kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"xen-kernel<4.5.0_3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:24:23", "bulletinFamily": "scanner", "description": "Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu (XSA-128) (boo#931625)\n\n - CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests (XSA-129) (boo#931626)\n\n - CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages (XSA-130) (boo#931627)\n\n - CVE-2015-4106: Unmediated PCI register access in qemu (XSA-131) (boo#931628)\n\n - CVE-2015-4164: DoS through iret hypercall handler (XSA-136) (boo#932996)\n\n - CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior (XSA-134) (boo#932790)\n\n - CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to host escape (XSA-135) (boo#932770)\n\n - CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. ()\n\n - CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. ()\n\n - CVE-2015-2752: Long latency MMIO mapping operations are not preemptible (XSA-125 boo#922705)\n\n - CVE-2015-2756: Unmediated PCI command register access in qemu (XSA-126 boo#922706)\n\n - CVE-2015-2751: Certain domctl operations may be abused to lock up the host (XSA-127 boo#922709)\n\n - CVE-2015-2151: Hypervisor memory corruption due to x86 emulator flaw (boo#919464 XSA-123)\n\n - CVE-2015-2045: Information leak through version information hypercall (boo#918998 XSA-122)\n\n - CVE-2015-2044: Information leak via internal x86 system device emulation (boo#918995 (XSA-121)\n\n - CVE-2015-2152: HVM qemu unexpectedly enabling emulated VGA graphics backends (boo#919663 XSA-119)\n\n - CVE-2014-3615: information leakage when guest sets high resolution (boo#895528)\n\nThe following non-security bugs were fixed :\n\n - xentop: Fix memory leak on read failure \n\n - boo#923758: xen dmesg contains bogus output in early boot\n\n - boo#921842: Xentop doesn't display disk statistics for VMs using qdisks\n\n - boo#919098: L3: XEN blktap device intermittently fails to connect \n\n - boo#882089: Windows 2012 R2 fails to boot up with greater than 60 vcpus\n\n - boo#903680: Problems with detecting free loop devices on Xen guest startup\n\n - boo#861318: xentop reports 'Found interface vif101.0 but domain 101 does not exist.'\n\n - boo#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores\n\n - boo#910254: SLES11 SP3 Xen VT-d igb NIC doesn't work\n\n - boo#912011: high ping latency after upgrade to latest SLES11SP3 on xen Dom0\n\n - boo#906689: let systemd schedule xencommons after network-online.target and remote-fs.target so that xendomains has access to remote shares\n\nThe following functionality was enabled or enhanced :\n\n - Enable spice support in qemu for x86_64\n\n - Add Qxl vga support\n\n - Enhancement to virsh/libvirtd 'send-key' command (FATE#317240)\n\n - Add domain_migrate_constraints_set API to Xend's http interface (FATE#317239)", "modified": "2015-10-22T00:00:00", "id": "OPENSUSE-2015-434.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84333", "published": "2015-06-23T00:00:00", "title": "openSUSE Security Update : xen (openSUSE-2015-434) (Venom)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-434.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84333);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/22 14:14:59 $\");\n\n script_cve_id(\"CVE-2014-3615\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2152\", \"CVE-2015-2751\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-3209\", \"CVE-2015-3340\", \"CVE-2015-3456\", \"CVE-2015-4103\", \"CVE-2015-4104\", \"CVE-2015-4105\", \"CVE-2015-4106\", \"CVE-2015-4163\", \"CVE-2015-4164\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-2015-434) (Venom)\");\n script_summary(english:\"Check for the openSUSE-2015-434 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Xen was updated to 4.4.2 to fix multiple vulnerabilities and\nnon-security bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-4103: Potential unintended writes to host MSI\n message data field via qemu (XSA-128) (boo#931625)\n\n - CVE-2015-4104: PCI MSI mask bits inadvertently exposed\n to guests (XSA-129) (boo#931626)\n\n - CVE-2015-4105: Guest triggerable qemu MSI-X pass-through\n error messages (XSA-130) (boo#931627)\n\n - CVE-2015-4106: Unmediated PCI register access in qemu\n (XSA-131) (boo#931628)\n\n - CVE-2015-4164: DoS through iret hypercall handler\n (XSA-136) (boo#932996)\n\n - CVE-2015-4163: GNTTABOP_swap_grant_ref operation\n misbehavior (XSA-134) (boo#932790)\n\n - CVE-2015-3209: heap overflow in qemu pcnet controller\n allowing guest to host escape (XSA-135) (boo#932770)\n\n - CVE-2015-3456: Fixed a buffer overflow in the floppy\n drive emulation, which could be used to denial of\n service attacks or potential code execution against the\n host. ()\n\n - CVE-2015-3340: Xen did not initialize certain fields,\n which allowed certain remote service domains to obtain\n sensitive information from memory via a (1)\n XEN_DOMCTL_gettscinfo or (2)\n XEN_SYSCTL_getdomaininfolist request. ()\n\n - CVE-2015-2752: Long latency MMIO mapping operations are\n not preemptible (XSA-125 boo#922705)\n\n - CVE-2015-2756: Unmediated PCI command register access in\n qemu (XSA-126 boo#922706)\n\n - CVE-2015-2751: Certain domctl operations may be abused\n to lock up the host (XSA-127 boo#922709)\n\n - CVE-2015-2151: Hypervisor memory corruption due to x86\n emulator flaw (boo#919464 XSA-123)\n\n - CVE-2015-2045: Information leak through version\n information hypercall (boo#918998 XSA-122)\n\n - CVE-2015-2044: Information leak via internal x86 system\n device emulation (boo#918995 (XSA-121)\n\n - CVE-2015-2152: HVM qemu unexpectedly enabling emulated\n VGA graphics backends (boo#919663 XSA-119)\n\n - CVE-2014-3615: information leakage when guest sets high\n resolution (boo#895528)\n\nThe following non-security bugs were fixed :\n\n - xentop: Fix memory leak on read failure \n\n - boo#923758: xen dmesg contains bogus output in early\n boot\n\n - boo#921842: Xentop doesn't display disk statistics for\n VMs using qdisks\n\n - boo#919098: L3: XEN blktap device intermittently fails\n to connect \n\n - boo#882089: Windows 2012 R2 fails to boot up with\n greater than 60 vcpus\n\n - boo#903680: Problems with detecting free loop devices on\n Xen guest startup\n\n - boo#861318: xentop reports 'Found interface vif101.0 but\n domain 101 does not exist.'\n\n - boo#901488: Intel ixgbe driver assigns rx/tx queues per\n core resulting in irq problems on servers with a large\n amount of CPU cores\n\n - boo#910254: SLES11 SP3 Xen VT-d igb NIC doesn't work\n\n - boo#912011: high ping latency after upgrade to latest\n SLES11SP3 on xen Dom0\n\n - boo#906689: let systemd schedule xencommons after\n network-online.target and remote-fs.target so that\n xendomains has access to remote shares\n\nThe following functionality was enabled or enhanced :\n\n - Enable spice support in qemu for x86_64\n\n - Add Qxl vga support\n\n - Enhancement to virsh/libvirtd 'send-key' command\n (FATE#317240)\n\n - Add domain_migrate_constraints_set API to Xend's http\n interface (FATE#317239)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=861318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=882089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=895528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=901488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=903680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=906689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=918995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=918998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=921842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=923758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=927967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=929339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=932770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=932790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=932996\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-debugsource-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-devel-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-debuginfo-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-debuginfo-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.2_06_k3.16.7_21-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.2_06_k3.16.7_21-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-4.4.2_06_k3.16.7_21-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-debuginfo-4.4.2_06_k3.16.7_21-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-4.4.2_06-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.2_06-23.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen-debugsource / xen-devel / xen-libs-32bit / xen-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:24:20", "bulletinFamily": "scanner", "description": "The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0068 for details.", "modified": "2018-09-05T00:00:00", "id": "ORACLEVM_OVMSA-2015-0068.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84140", "published": "2015-06-12T00:00:00", "title": "OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0068.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84140);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2018/09/05 15:02:26\");\n\n script_cve_id(\"CVE-2006-1056\", \"CVE-2007-0998\", \"CVE-2012-0029\", \"CVE-2012-2625\", \"CVE-2012-2934\", \"CVE-2012-3433\", \"CVE-2012-3494\", \"CVE-2012-3495\", \"CVE-2012-3496\", \"CVE-2012-3497\", \"CVE-2012-3498\", \"CVE-2012-3515\", \"CVE-2012-4535\", \"CVE-2012-4536\", \"CVE-2012-4537\", \"CVE-2012-4538\", \"CVE-2012-4544\", \"CVE-2012-5510\", \"CVE-2012-5511\", \"CVE-2012-5512\", \"CVE-2012-5513\", \"CVE-2012-5514\", \"CVE-2012-5515\", \"CVE-2012-5634\", \"CVE-2013-0153\", \"CVE-2013-0215\", \"CVE-2013-1432\", \"CVE-2013-1442\", \"CVE-2013-1917\", \"CVE-2013-1918\", \"CVE-2013-1919\", \"CVE-2013-1920\", \"CVE-2013-1952\", \"CVE-2013-1964\", \"CVE-2013-2072\", \"CVE-2013-2076\", \"CVE-2013-2077\", \"CVE-2013-2078\", \"CVE-2013-2194\", \"CVE-2013-2195\", \"CVE-2013-2196\", \"CVE-2013-2211\", \"CVE-2013-4329\", \"CVE-2013-4355\", \"CVE-2013-4361\", \"CVE-2013-4368\", \"CVE-2013-4494\", \"CVE-2013-4553\", \"CVE-2013-4554\", \"CVE-2013-6400\", \"CVE-2013-6885\", \"CVE-2014-1892\", \"CVE-2014-1893\", \"CVE-2014-1950\", \"CVE-2014-3566\", \"CVE-2014-5146\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2752\", \"CVE-2015-2756\", \"CVE-2015-3209\", \"CVE-2015-3456\", \"CVE-2015-4164\");\n script_bugtraq_id(17600, 22967, 51642, 53650, 53961, 54942, 55400, 55406, 55410, 55412, 55413, 55414, 56289, 56498, 56794, 56796, 56797, 56798, 56799, 56803, 57223, 57742, 57745, 58880, 59291, 59292, 59293, 59615, 59617, 59982, 60277, 60278, 60282, 60701, 60702, 60703, 60721, 60799, 62307, 62630, 62708, 62710, 62935, 63494, 63931, 63933, 63983, 64195, 65419, 65529, 69198, 70057, 70062, 70198, 70574, 72577, 72954, 72955, 73015, 73448, 74640, 75123, 75149);\n\n script_name(english:\"OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates : please see Oracle VM Security Advisory\nOVMSA-2015-0068 for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2015-June/000317.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-devel / xen-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.2\", reference:\"xen-4.1.3-25.el5.127.52\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"xen-devel-4.1.3-25.el5.127.52\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"xen-tools-4.1.3-25.el5.127.52\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-devel / xen-tools\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:24:15", "bulletinFamily": "scanner", "description": "The Virtualization service XEN was updated to fix various bugs and security issues.\n\nThe following security issues have been fixed :\n\nXSA-125: Long latency MMIO mapping operations were not preemptible.\n\nCVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override could have, however, corrupted a pointer used subsequently to store the result of the instruction.\n\nCVE-2015-2045: XSA-122: The code handling certain sub-operations of the HYPERVISOR_xen_version hypercall failed to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.\n\nCVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing with certain system devices checked whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-31T00:00:00", "id": "SUSE_SU-2015-0744-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83717", "published": "2015-05-20T00:00:00", "title": "SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0744-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83717);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2013-3495\", \"CVE-2014-3615\", \"CVE-2014-5146\", \"CVE-2014-5149\", \"CVE-2014-9065\", \"CVE-2014-9066\", \"CVE-2015-0361\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\");\n script_bugtraq_id(61854, 69198, 69199, 69654, 71544, 71546, 71882, 72954, 72955, 73015);\n\n script_name(english:\"SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Virtualization service XEN was updated to fix various bugs and\nsecurity issues.\n\nThe following security issues have been fixed :\n\nXSA-125: Long latency MMIO mapping operations were not preemptible.\n\nCVE-2015-2151: XSA-123: Instructions with register operands ignored\neventual segment overrides encoded for them. Due to an insufficiently\nconditional assignment such a bogus segment override could have,\nhowever, corrupted a pointer used subsequently to store the result of\nthe instruction.\n\nCVE-2015-2045: XSA-122: The code handling certain sub-operations of\nthe HYPERVISOR_xen_version hypercall failed to fully initialize all\nfields of structures subsequently copied back to guest memory. Due to\nthis hypervisor stack contents were copied into the destination of the\noperation, thus becoming visible to the guest.\n\nCVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing\nwith certain system devices checked whether the access size by the\nguest is a supported one. When the access size is unsupported these\nroutines failed to set the data to be returned to the guest for read\naccesses, so that hypervisor stack contents were copied into the\ndestination of the operation, thus becoming visible to the guest.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150744-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1ee6152\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected Xen packages\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-kdumppae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-vmipae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-ioemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-devel-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-pdf-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-ps-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-ioemu-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-devel-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-html-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-pdf-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-ps-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-libs-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-domU-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-ioemu-3.2.3_17040_46-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:24:15", "bulletinFamily": "scanner", "description": "The Virtualization service XEN was updated to fix various bugs and security issues.\n\nThe following security issues have been fixed :\n\nCVE-2015-2756: XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through to guests.\n\nXSA-125: Long latency MMIO mapping operations were not preemptible.\n\nCVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override could have, however, corrupted a pointer used subsequently to store the result of the instruction.\n\nCVE-2015-2045: XSA-122: The code handling certain sub-operations of the HYPERVISOR_xen_version hypercall failed to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.\n\nCVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing with certain system devices checked whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.\n\nAlso fixed :\n\nFully virtualized guest install from network source failed with 'cannot find guest domain' in XEN. (bsc#919341)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-31T00:00:00", "id": "SUSE_SU-2015-0747-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83720", "published": "2015-05-20T00:00:00", "title": "SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:0747-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0747-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83720);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2756\");\n script_bugtraq_id(72577, 72954, 72955, 73015);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:0747-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Virtualization service XEN was updated to fix various bugs and\nsecurity issues.\n\nThe following security issues have been fixed :\n\nCVE-2015-2756: XSA-126: Unmediated PCI command register access in qemu\ncould have lead to denial of service attacks against the host, if PCI\ncards are passed through to guests.\n\nXSA-125: Long latency MMIO mapping operations were not preemptible.\n\nCVE-2015-2151: XSA-123: Instructions with register operands ignored\neventual segment overrides encoded for them. Due to an insufficiently\nconditional assignment such a bogus segment override could have,\nhowever, corrupted a pointer used subsequently to store the result of\nthe instruction.\n\nCVE-2015-2045: XSA-122: The code handling certain sub-operations of\nthe HYPERVISOR_xen_version hypercall failed to fully initialize all\nfields of structures subsequently copied back to guest memory. Due to\nthis hypervisor stack contents were copied into the destination of the\noperation, thus becoming visible to the guest.\n\nCVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing\nwith certain system devices checked whether the access size by the\nguest is a supported one. When the access size is unsupported these\nroutines failed to set the data to be returned to the guest for read\naccesses, so that hypervisor stack contents were copied into the\ndestination of the operation, thus becoming visible to the guest.\n\nAlso fixed :\n\nFully virtualized guest install from network source failed with\n'cannot find guest domain' in XEN. (bsc#919341)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150747-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f70b5c93\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11 SP3 :\n\nzypper in -t patch sdksp3-xen-201503=10560\n\nSUSE Linux Enterprise Server 11 SP3 :\n\nzypper in -t patch slessp3-xen-201503=10560\n\nSUSE Linux Enterprise Desktop 11 SP3 :\n\nzypper in -t patch sledsp3-xen-201503=10560\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-default-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-libs-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-tools-domU-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-pae-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-default-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"xen-libs-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"xen-tools-domU-4.2.5_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-pae-4.2.5_04_3.0.101_0.47.52-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:24:14", "bulletinFamily": "scanner", "description": "The XEN hypervisor received updates to fix various security issues and bugs.\n\nThe following security issues were fixed :\n\n - CVE-2015-2151: XSA-123: A hypervisor memory corruption due to x86 emulator flaw.\n\n - CVE-2015-2045: XSA-122: Information leak through version information hypercall.\n\n - CVE-2015-2044: XSA-121: Information leak via internal x86 system device emulation.\n\n - CVE-2015-2152: XSA-119: HVM qemu was unexpectedly enabling emulated VGA graphics backends.\n\n - CVE-2014-3615: Information leakage when guest sets high graphics resolution.\n\n - CVE-2015-0361: XSA-116: A xen crash due to use after free on hvm guest teardown.\n\n - CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation.\n\nAlso the following bugs were fixed :\n\n - bnc#919098 - XEN blktap device intermittently fails to connect\n\n - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus\n\n - bnc#903680 - Problems with detecting free loop devices on Xen guest startup\n\n - bnc#861318 - xentop reports 'Found interface vif101.0 but domain 101 does not exist.'\n\n - Update seabios to rel-1.7.3.1 which is the correct version for Xen 4.4\n\n - Enhancement to virsh/libvirtd 'send-key' command The xen side small fix. (FATE#317240)\n\n - bnc#901488 - Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores\n\n - bnc#910254 - SLES11 SP3 Xen VT-d igb NIC doesn't work\n\n - Add domain_migrate_constraints_set API to Xend's http interface (FATE#317239)\n\n - Restore missing fixes from block-dmmd script\n\n - bnc#904255 - XEN boot hangs in early boot on UEFI system\n\n - bsc#912011 - high ping latency after upgrade to latest SLES11SP3 on xen Dom0\n\n - Fix missing banner by restoring the figlet program.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-29T00:00:00", "id": "SUSE_SU-2015-0613-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83707", "published": "2015-05-20T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : Xen (SUSE-SU-2015:0613-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0613-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83707);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2014-3615\", \"CVE-2014-9065\", \"CVE-2014-9066\", \"CVE-2015-0361\", \"CVE-2015-2044\", \"CVE-2015-2045\", \"CVE-2015-2151\", \"CVE-2015-2152\");\n script_bugtraq_id(69654, 71544, 71546, 71882, 72954, 72955, 73015, 73068);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : Xen (SUSE-SU-2015:0613-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The XEN hypervisor received updates to fix various security issues and\nbugs.\n\nThe following security issues were fixed :\n\n - CVE-2015-2151: XSA-123: A hypervisor memory corruption\n due to x86 emulator flaw.\n\n - CVE-2015-2045: XSA-122: Information leak through version\n information hypercall.\n\n - CVE-2015-2044: XSA-121: Information leak via internal\n x86 system device emulation.\n\n - CVE-2015-2152: XSA-119: HVM qemu was unexpectedly\n enabling emulated VGA graphics backends.\n\n - CVE-2014-3615: Information leakage when guest sets high\n graphics resolution.\n\n - CVE-2015-0361: XSA-116: A xen crash due to use after\n free on hvm guest teardown.\n\n - CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock\n starvation.\n\nAlso the following bugs were fixed :\n\n - bnc#919098 - XEN blktap device intermittently fails to\n connect\n\n - bnc#882089 - Windows 2012 R2 fails to boot up with\n greater than 60 vcpus\n\n - bnc#903680 - Problems with detecting free loop devices\n on Xen guest startup\n\n - bnc#861318 - xentop reports 'Found interface vif101.0\n but domain 101 does not exist.'\n\n - Update seabios to rel-1.7.3.1 which is the correct\n version for Xen 4.4\n\n - Enhancement to virsh/libvirtd 'send-key' command The xen\n side small fix. (FATE#317240)\n\n - bnc#901488 - Intel ixgbe driver assigns rx/tx queues per\n core resulting in irq problems on servers with a large\n amount of CPU cores\n\n - bnc#910254 - SLES11 SP3 Xen VT-d igb NIC doesn't work\n\n - Add domain_migrate_constraints_set API to Xend's http\n interface (FATE#317239)\n\n - Restore missing fixes from block-dmmd script\n\n - bnc#904255 - XEN boot hangs in early boot on UEFI system\n\n - bsc#912011 - high ping latency after upgrade to latest\n SLES11SP3 on xen Dom0\n\n - Fix missing banner by restoring the figlet program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=861318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=882089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=901488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=906996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=912011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=918995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=918998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=919098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=919464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=919663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3615/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9066/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0361/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2044/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2045/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2151/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2152/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150613-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4eac41b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-147=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-147=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-147=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-debugsource-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.1_10_k3.12.36_38-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.1_10_k3.12.36_38-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-debugsource-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.1_10_k3.12.36_38-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.1_10_k3.12.36_38-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.1_10-9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.4.1_10-9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:57:45", "bulletinFamily": "unix", "description": "Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security\n bugs.\n\n The following vulnerabilities were fixed:\n\n * CVE-2015-4103: Potential unintended writes to host MSI message data\n field via qemu (XSA-128) (boo#931625)\n * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests\n (XSA-129) (boo#931626)\n * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages\n (XSA-130) (boo#931627)\n * CVE-2015-4106: Unmediated PCI register access in qemu (XSA-131)\n (boo#931628)\n * CVE-2015-4164: DoS through iret hypercall handler (XSA-136) (boo#932996)\n * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior (XSA-134)\n (boo#932790)\n * CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to\n host escape (XSA-135) (boo#932770)\n * CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation,\n which could be used to denial of service attacks or potential code\n execution against the host. ()\n * CVE-2015-3340: Xen did not initialize certain fields, which allowed\n certain remote service domains to obtain sensitive information from\n memory via a (1) XEN_DOMCTL_gettscinfo or (2)\n XEN_SYSCTL_getdomaininfolist request. ()\n * CVE-2015-2752: Long latency MMIO mapping operations are not preemptible\n (XSA-125 boo#922705)\n * CVE-2015-2756: Unmediated PCI command register access in qemu (XSA-126\n boo#922706)\n * CVE-2015-2751: Certain domctl operations may be abused to lock up the\n host (XSA-127 boo#922709)\n * CVE-2015-2151: Hypervisor memory corruption due to x86 emulator flaw\n (boo#919464 XSA-123)\n * CVE-2015-2045: Information leak through version information hypercall\n (boo#918998 XSA-122)\n * CVE-2015-2044: Information leak via internal x86 system device emulation\n (boo#918995 (XSA-121)\n * CVE-2015-2152: HVM qemu unexpectedly enabling emulated VGA graphics\n backends (boo#919663 XSA-119)\n * CVE-2014-3615: information leakage when guest sets high resolution\n (boo#895528)\n\n The following non-security bugs were fixed:\n\n * xentop: Fix memory leak on read failure\n * boo#923758: xen dmesg contains bogus output in early boot\n * boo#921842: Xentop doesn't display disk statistics for VMs using qdisks\n * boo#919098: L3: XEN blktap device intermittently fails to connect\n * boo#882089: Windows 2012 R2 fails to boot up with greater than 60 vcpus\n * boo#903680: Problems with detecting free loop devices on Xen guest\n startup\n * boo#861318: xentop reports "Found interface vif101.0 but domain 101 does\n not exist."\n * boo#901488: Intel ixgbe driver assigns rx/tx queues per core resulting\n in irq problems on servers with a large amount of CPU cores\n * boo#910254: SLES11 SP3 Xen VT-d igb NIC doesn't work\n * boo#912011: high ping latency after upgrade to latest SLES11SP3 on xen\n Dom0\n * boo#906689: let systemd schedule xencommons after network-online.target\n and remote-fs.target so that xendomains has access to remote shares\n\n The following functionality was enabled or enhanced:\n\n * Enable spice support in qemu for x86_64\n * Add Qxl vga support\n * Enhancement to virsh/libvirtd "send-key" command (FATE#317240)\n * Add domain_migrate_constraints_set API to Xend's http interface\n (FATE#317239)\n\n", "modified": "2015-06-22T12:04:52", "published": "2015-06-22T12:04:52", "id": "OPENSUSE-SU-2015:1092-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00016.html", "type": "suse", "title": "Security update for xen (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}