ID DEBIAN_DSA-2522.NASL Type nessus Reporter This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2012-08-07T00:00:00
Description
Emilio Pinna discovered a cross site scripting vulnerability in the
spellchecker.php page of FCKeditor, a popular HTML/DHTML editor for
the web.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2522. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(61438);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2012-4000");
script_bugtraq_id(54188);
script_xref(name:"DSA", value:"2522");
script_name(english:"Debian DSA-2522-1 : fckeditor - XSS");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Emilio Pinna discovered a cross site scripting vulnerability in the
spellchecker.php page of FCKeditor, a popular HTML/DHTML editor for
the web."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683418"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze/fckeditor"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2012/dsa-2522"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the fckeditor packages.
For the stable distribution (squeeze), this problem has been fixed in
version 1:2.6.6-1squeeze1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:fckeditor");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2012/08/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/07");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"fckeditor", reference:"1:2.6.6-1squeeze1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-2522.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-2522-1 : fckeditor - XSS", "description": "Emilio Pinna discovered a cross site scripting vulnerability in the\nspellchecker.php page of FCKeditor, a popular HTML/DHTML editor for\nthe web.", "published": "2012-08-07T00:00:00", "modified": "2012-08-07T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/61438", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.debian.org/security/2012/dsa-2522", "https://packages.debian.org/source/squeeze/fckeditor", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683418"], "cvelist": ["CVE-2012-4000"], "type": "nessus", "lastseen": "2021-01-12T09:47:34", "edition": 15, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4000"]}, {"type": "openvas", "idList": ["OPENVAS:71499", "OPENVAS:136141256231071499"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2522-1:47EAF"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28368", "SECURITYVULNS:VULN:12511", "SECURITYVULNS:DOC:30848"]}, {"type": "exploitdb", "idList": ["EDB-ID:37457"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:126902"]}, {"type": "fedora", "idList": ["FEDORA:B8A8E6087CFC"]}, {"type": "nessus", "idList": ["FEDORA_2015-A275FD68F2.NASL"]}], "modified": "2021-01-12T09:47:34", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2021-01-12T09:47:34", "rev": 2}, "vulnersScore": 4.7}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2522. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61438);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4000\");\n script_bugtraq_id(54188);\n script_xref(name:\"DSA\", value:\"2522\");\n\n script_name(english:\"Debian DSA-2522-1 : fckeditor - XSS\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Emilio Pinna discovered a cross site scripting vulnerability in the\nspellchecker.php page of FCKeditor, a popular HTML/DHTML editor for\nthe web.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683418\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/fckeditor\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2522\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the fckeditor packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:2.6.6-1squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fckeditor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"fckeditor\", reference:\"1:2.6.6-1squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "61438", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:fckeditor"], "scheme": null}
{"cve": [{"lastseen": "2020-12-09T19:47:23", "description": "Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary web script or HTML via textinputs array parameters.", "edition": 5, "cvss3": {}, "published": "2012-07-12T21:55:00", "title": "CVE-2012-4000", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4000"], "modified": "2017-08-29T01:32:00", "cpe": ["cpe:/a:ckeditor:fckeditor:2.2", "cpe:/a:ckeditor:fckeditor:1.3.1", "cpe:/a:ckeditor:fckeditor:1.4", "cpe:/a:ckeditor:fckeditor:1.5", "cpe:/a:ckeditor:fckeditor:0.9.2", "cpe:/a:ckeditor:fckeditor:2.5.1", "cpe:/a:ckeditor:fckeditor:2.6", "cpe:/a:ckeditor:fckeditor:2.4.1", "cpe:/a:ckeditor:fckeditor:0.9.5", "cpe:/a:ckeditor:fckeditor:2.0", "cpe:/a:ckeditor:fckeditor:2.6.7", "cpe:/a:ckeditor:fckeditor:2.6.4.1", "cpe:/a:ckeditor:fckeditor:1.2.2", "cpe:/a:ckeditor:fckeditor:2.3.2", "cpe:/a:ckeditor:fckeditor:2.1.1", "cpe:/a:ckeditor:fckeditor:2.6.1", "cpe:/a:ckeditor:fckeditor:0.9.4", "cpe:/a:ckeditor:fckeditor:0.9.1", "cpe:/a:ckeditor:fckeditor:2.6.2", "cpe:/a:ckeditor:fckeditor:1.3", "cpe:/a:ckeditor:fckeditor:1.6", "cpe:/a:ckeditor:fckeditor:2.6.5", "cpe:/a:ckeditor:fckeditor:0.8", "cpe:/a:ckeditor:fckeditor:2.3", "cpe:/a:ckeditor:fckeditor:2.6.4", "cpe:/a:ckeditor:fckeditor:0.9.0", "cpe:/a:ckeditor:fckeditor:1.2", "cpe:/a:ckeditor:fckeditor:0.8.5", "cpe:/a:ckeditor:fckeditor:2.6.3", "cpe:/a:ckeditor:fckeditor:2.1", "cpe:/a:ckeditor:fckeditor:2.4.3", "cpe:/a:ckeditor:fckeditor:2.3.1", "cpe:/a:ckeditor:fckeditor:1.2.4", "cpe:/a:ckeditor:fckeditor:1.0", "cpe:/a:ckeditor:fckeditor:1.1", "cpe:/a:ckeditor:fckeditor:2.5", "cpe:/a:ckeditor:fckeditor:2.4.2", "cpe:/a:ckeditor:fckeditor:2.4", "cpe:/a:ckeditor:fckeditor:2.3.3", "cpe:/a:ckeditor:fckeditor:0.9.3"], "id": "CVE-2012-4000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4000", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:ckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6:rc:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.2:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.8.5:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.3:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.0:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.5:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.4:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.1:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.5:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.8:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.0:fc:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:0.9.3:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:fc:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:ckeditor:fckeditor:2.6.4.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:51:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4000"], "description": "The remote host is missing an update to fckeditor\nannounced via advisory DSA 2522-1.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71499", "href": "http://plugins.openvas.org/nasl.php?oid=71499", "type": "openvas", "title": "Debian Security Advisory DSA 2522-1 (fckeditor)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2522_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2522-1 (fckeditor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Emilio Pinna discovered a cross site scripting vulnerability in the\nspellchecker.php page of FCKeditor, a popular html/text editor for the web.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:2.6.6-1squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 1:2.6.6-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.6.6-3.\n\nWe recommend that you upgrade your fckeditor packages.\";\ntag_summary = \"The remote host is missing an update to fckeditor\nannounced via advisory DSA 2522-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202522-1\";\n\nif(description)\n{\n script_id(71499);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-4000\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:20:46 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2522-1 (fckeditor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"fckeditor\", ver:\"1:2.6.6-1squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"fckeditor\", ver:\"1:2.6.6-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4000"], "description": "The remote host is missing an update to fckeditor\nannounced via advisory DSA 2522-1.", "modified": "2019-03-18T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071499", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071499", "type": "openvas", "title": "Debian Security Advisory DSA 2522-1 (fckeditor)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2522_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2522-1 (fckeditor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71499\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-4000\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:20:46 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2522-1 (fckeditor)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202522-1\");\n script_tag(name:\"insight\", value:\"Emilio Pinna discovered a cross site scripting vulnerability in the\nspellchecker.php page of FCKeditor, a popular html/text editor for the web.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:2.6.6-1squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 1:2.6.6-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.6.6-3.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your fckeditor packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to fckeditor\nannounced via advisory DSA 2522-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"fckeditor\", ver:\"1:2.6.6-1squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"fckeditor\", ver:\"1:2.6.6-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2020-08-12T01:07:41", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4000"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2522-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nAugust 05, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : fckeditor\nVulnerability : cross site scripting\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-4000\nDebian Bug : 683418\n\nEmilio Pinna discovered a cross site scripting vulnerability in the\nspellchecker.php page of FCKeditor, a popular html/text editor for the web.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:2.6.6-1squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 1:2.6.6-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.6.6-3.\n\nWe recommend that you upgrade your fckeditor packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 6, "modified": "2012-08-06T08:23:17", "published": "2012-08-06T08:23:17", "id": "DEBIAN:DSA-2522-1:47EAF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00163.html", "title": "[SECURITY] [DSA 2522-1] fckeditor security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "cvelist": ["CVE-2012-4000"], "description": "\r\n\r\nClass\t\tCross-Site Scripting\r\nRemote\tYes\r\nPublished\t2nd June 2014\r\nCredit\t\tRobin Bailey of Dionach (vulns@dionach.com)\r\nVulnerable\tFCKeditor <= 2.6.10\r\n\r\nFCKeditor is prone to a reflected cross-site scripting (XSS) vulnerability due to inadequately sanitised user input. An attacker may leverage this issue to run JavaScript in the context of a victim's browser.\r\n\r\nFCKeditor 2.6.10 is known to be vulnerable; older versions may also be vulnerable. \r\n\r\nNote that this issue is related to CVE-2012-4000, which was a cross-site scripting vulnerability in the values of the textinputs[] array passed to the spellchecker.php page. To resolve this issue the values of this array were encoded with htmlspecialchars() before being output to the page; however the array keys were still echoed unencoded.\r\n\r\nPoC:\r\n\r\nPOST http://[target]/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php\r\ntextinputs[1</script><script>alert(document.cookie);//</script>]=zz\r\n\r\nThe vendor was notified of this issue, and FCKeditor 2.6.11 was released to address this vulnerability. See the following vendor announcement:\r\n\r\nhttp://ckeditor.com/blog/FCKeditor-2.6.11-Released\r\n\r\nTimeline:\r\n\r\n28/05/2014\tVulnerability identified\r\n28/05/2014\tInitial vendor contact\r\n28/05/2014\tVendor response to contact\r\n28/05/2014\tVulnerability disclosed to vendor\r\n29/05/2014\tVendor confirms vulnerability\r\n02/06/2014\tVendor releases patch\r\n02/06/2014\tPublic disclosure of vulnerability\r\n\r\n______________________________________________________________________\r\n\r\nDisclaimer: This e-mail and any attachments are confidential.\r\n\r\nIt may contain privileged information and is intended for the named\r\naddressee(s) only. It must not be distributed without Dionach Ltd consent.\r\nIf you are not the intended recipient, please notify the sender immediately and destroy this e-mail. \r\n\r\nAny unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Unless expressly stated, opinions in this e-mail are those of the individual sender, and not of Dionach Ltd.\r\n\r\nDionach Ltd, Greenford House, London Road, Wheatley, Oxford OX33 1JH Company Registration No. 03908168, VAT No. GB750661242\r\n\r\n______________________________________________________________________\r\n\r\n", "edition": 1, "modified": "2014-06-14T00:00:00", "published": "2014-06-14T00:00:00", "id": "SECURITYVULNS:DOC:30848", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30848", "title": "FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS)", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-4000"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2522-1 security@debian.org\r\nhttp://www.debian.org/security/ Yves-Alexis Perez\r\nAugust 05, 2012 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : fckeditor\r\nVulnerability : cross site scripting\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2012-4000\r\nDebian Bug : 683418\r\n\r\nEmilio Pinna discovered a cross site scripting vulnerability in the\r\nspellchecker.php page of FCKeditor, a popular html/text editor for the web.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1:2.6.6-1squeeze1.\r\n\r\nFor the testing distribution (wheezy), this problem has been fixed in\r\nversion 1:2.6.6-3.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1:2.6.6-3.\r\n\r\nWe recommend that you upgrade your fckeditor packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niQIcBAEBCgAGBQJQH37dAAoJEDBVD3hx7wuovjQP/0aoCME4eFFseyirINsdsaqV\r\nBinmmhsl5sY2G48EiMyEq3RH0eSg2Pip3MA6JJCErdhYvAA4FGEIM3jiSymEIyxE\r\navnKrbVxR1xH8cFJXVyMdu7za6dBFydW6ZUAT7P5+hPVoaGwQ3R4EwSVBlNV5PHr\r\nCQCr6pG/mICUiYyAWC23VeL6PHO7hIS5Evi33DW6wOQg/NB8ERsACt8NIirFSAAB\r\ngbPg6ny7x+mioxxGrUzh7XZe7aRYjjk0CFdmgmcpMjEB7h++6qwGlbWLhPt3ddeC\r\nIwmui85FHIgINTqRIuPszpub5IBkn7A3qUiMl6yzd/Igdjlb5oJt40C6mQ2nrXMj\r\nDBo5AGxq/Xv3QXyFrpuIXcS7G1hlpef7c0ofFAkNCKKMQllYhqdLUp6kTB+6yWCx\r\naPjtRnnvn3co6zkNpmWnCh2DQ65taY3CDxdymfEOTeAZEvFv5R9Ge+Q0jQO+6xLV\r\nteGnZIHf1znOFj3nfUKTOyI+s6FWXFsaYaYnsXuQnZzBlc8opM2IILYd/MQqIiH+\r\nzMaosJraYlP8Om8XGd2NUFmigYzi6x3klwWsbRHaowgC9OxL1AlAZDs9maLu+Q2C\r\naSqhUd3xd5dikc1Eu23kdetKotjpyj4LzMP3gAdcIUtqd/N1vrMT8Cj3tSdueJwO\r\n1kY5sLaI9j1nsx8QPftT\r\n=rOo8\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-08-13T00:00:00", "published": "2012-08-13T00:00:00", "id": "SECURITYVULNS:DOC:28368", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28368", "title": "[SECURITY] [DSA 2522-1] fckeditor security update", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-4000", "CVE-2012-4036", "CVE-2012-4034", "CVE-2012-3952", "CVE-2012-4035", "CVE-2012-3869", "CVE-2012-4069", "CVE-2012-3953", "CVE-2012-4070"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2012-08-13T00:00:00", "published": "2012-08-13T00:00:00", "id": "SECURITYVULNS:VULN:12511", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12511", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-04T05:52:52", "description": "FCKEditor 'spellchecker.php' Cross Site Scripting Vulnerability. CVE-2012-4000. Webapps exploit for php platform", "published": "2012-06-25T00:00:00", "type": "exploitdb", "title": "FCKEditor Core - Editor - 'spellchecker.php' Cross Site Scripting Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-4000"], "modified": "2012-06-25T00:00:00", "id": "EDB-ID:37457", "href": "https://www.exploit-db.com/exploits/37457/", "sourceData": "source: http://www.securityfocus.com/bid/54188/info\r\n\r\nFCKEditor is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.\r\n\r\nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.\r\n\r\nFCKEditor 2.6.7 is vulnerable; prior versions may also be affected. \r\n\r\n<html> <body> <iframe style=\"width: 1px; height: 1px; visibility: hidden\" name=\"hidden\"></iframe> <form method=\"post\" name=\"sender\" action=\"http://www.example.com/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php\"; target=\"hidden\"> <input type=\"hidden\" name=\"textinputs[]\" value='\");alert(\"THIS SITE IS XSS VULNERABLE!\");</script><!--' /> </form> </body> <script>document.sender.submit(); </script> </html>\r\n\r\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/37457/"}], "packetstorm": [{"lastseen": "2016-12-05T22:13:57", "description": "", "published": "2014-06-03T00:00:00", "type": "packetstorm", "title": "FCKeditor 2.6.10 Cross Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-4000"], "modified": "2014-06-03T00:00:00", "id": "PACKETSTORM:126902", "href": "https://packetstormsecurity.com/files/126902/FCKeditor-2.6.10-Cross-Site-Scripting.html", "sourceData": "`Class Cross-Site Scripting \nRemote Yes \nPublished 2nd June 2014 \nCredit Robin Bailey of Dionach (vulns@dionach.com) \nVulnerable FCKeditor <= 2.6.10 \n \nFCKeditor is prone to a reflected cross-site scripting (XSS) vulnerability due to inadequately sanitised user input. An attacker may leverage this issue to run JavaScript in the context of a victim's browser. \n \nFCKeditor 2.6.10 is known to be vulnerable; older versions may also be vulnerable. \n \nNote that this issue is related to CVE-2012-4000, which was a cross-site scripting vulnerability in the values of the textinputs[] array passed to the spellchecker.php page. To resolve this issue the values of this array were encoded with htmlspecialchars() before being output to the page; however the array keys were still echoed unencoded. \n \nPoC: \n \nPOST http://[target]/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php \ntextinputs[1</script><script>alert(document.cookie);//</script>]=zz \n \nThe vendor was notified of this issue, and FCKeditor 2.6.11 was released to address this vulnerability. See the following vendor announcement: \n \nhttp://ckeditor.com/blog/FCKeditor-2.6.11-Released \n \nTimeline: \n \n28/05/2014 Vulnerability identified \n28/05/2014 Initial vendor contact \n28/05/2014 Vendor response to contact \n28/05/2014 Vulnerability disclosed to vendor \n29/05/2014 Vendor confirms vulnerability \n02/06/2014 Vendor releases patch \n02/06/2014 Public disclosure of vulnerability \n \n______________________________________________________________________ \n \nDisclaimer: This e-mail and any attachments are confidential. \n \nIt may contain privileged information and is intended for the named \naddressee(s) only. It must not be distributed without Dionach Ltd consent. \nIf you are not the intended recipient, please notify the sender immediately and destroy this e-mail. \n \nAny unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Unless expressly stated, opinions in this e-mail are those of the individual sender, and not of Dionach Ltd. \n \nDionach Ltd, Greenford House, London Road, Wheatley, Oxford OX33 1JH Company Registration No. 03908168, VAT No. GB750661242 \n \n______________________________________________________________________ \n`\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/126902/fckeditor2610-xss.txt"}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4000", "CVE-2015-6566"], "description": "The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open Source Collaboration can combine the usability with the stability and the flexibility of a Linux server. The proven Zarafa groupware solution is using MAPI objects, provides a MAPI client library as well as programming interfaces for C++, PHP and Python. The other Zarafa related packages need to be installed to gain all features and benefits of the Zarafa Collaboration Platform (ZCP). ", "modified": "2015-11-23T23:21:38", "published": "2015-11-23T23:21:38", "id": "FEDORA:B8A8E6087CFC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: zarafa-7.1.14-1.fc21", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:13:52", "description": "Zarafa Collaboration Platform 7.1.14 final [51822]\n================================================== - ZCP-13581: update\nfck- editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572:\nCVE-2015-6566 - zarafa-autorespond suffers from a potential local\nprivilege escalation - ZCP-13087: Meeting requests are not being sent\nwith Thunderbird Lightning due to new functionality - ZCP-13608:\nAttachments are missing in the Sent items folder when using a cache\nprofile - ZCP-13243: ser_safe_mode falsely reports that it would\ndelete users\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 8.4, "vector": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 21 : zarafa-7.1.14-1.fc21 (2015-a275fd68f2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4000", "CVE-2015-6566"], "modified": "2016-03-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:21", "p-cpe:/a:fedoraproject:fedora:zarafa"], "id": "FEDORA_2015-A275FD68F2.NASL", "href": "https://www.tenable.com/plugins/nessus/89347", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-a275fd68f2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89347);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6566\");\n script_xref(name:\"FEDORA\", value:\"2015-a275fd68f2\");\n\n script_name(english:\"Fedora 21 : zarafa-7.1.14-1.fc21 (2015-a275fd68f2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Zarafa Collaboration Platform 7.1.14 final [51822]\n================================================== - ZCP-13581: update\nfck- editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572:\nCVE-2015-6566 - zarafa-autorespond suffers from a potential local\nprivilege escalation - ZCP-13087: Meeting requests are not being sent\nwith Thunderbird Lightning due to new functionality - ZCP-13608:\nAttachments are missing in the Sent items folder when using a cache\nprofile - ZCP-13243: ser_safe_mode falsely reports that it would\ndelete users\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1263006\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172605.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb9d58dc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zarafa package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zarafa\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"zarafa-7.1.14-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zarafa\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}