EulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)

2019-05-14T00:00:00

Description

According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415) - A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414) - A NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740) - It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "EULEROS_SA-2019-1425.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)", "description": "According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415)\n\n - A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414)\n\n - A NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740)\n\n - It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-05-14T00:00:00", "modified": "2021-02-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/124928", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?d8337062", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8740"], "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2018-8740"], "immutableFields": [], "lastseen": "2021-12-23T02:29:28", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-561", "ALAS-2015-562", "ALAS-2015-563", "ALAS-2015-591"]}, {"type": "apple", "idList": ["APPLE:198F1AB81F91F2CEB090B4B4D49C57AD", "APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754", "APPLE:HT207598", "APPLE:HT207599"]}, {"type": "centos", "idList": ["CESA-2015:1634", "CESA-2015:1635"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7CFA05FF63DADFE32E3B6B3CFD30F896", "CFOUNDRY:FAA30968EB5FC787D7DD15251E2F2C77"]}, {"type": "cve", "idList": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2018-8740"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1633-1:7A683", "DEBIAN:DLA-1633-1:A3283", "DEBIAN:DLA-2340-1:34DF9", "DEBIAN:DSA-3252-1:580AD", "DEBIAN:DSA-3252-2:F9016"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-3414", "DEBIANCVE:CVE-2015-3415", "DEBIANCVE:CVE-2015-3416", "DEBIANCVE:CVE-2018-8740"]}, {"type": "f5", "idList": ["F5:K16950", "F5:K37236006", "SOL16950", "SOL37236006"]}, {"type": "fedora", "idList": ["FEDORA:0C470643A821", "FEDORA:370A6606D24C", "FEDORA:4924F60A8F8A", "FEDORA:5911860BBCB1", "FEDORA:E975C60779A0"]}, {"type": "freebsd", "idList": ["6D52BDA1-2E54-11E8-A68F-485B3931C969", "C1630AA3-7970-11E8-8634-DCFE074BD614", "DEC3164F-3121-45EF-AF18-BB113AC5082F"]}, {"type": "gentoo", "idList": ["GLSA-201507-05"]}, {"type": "ibm", "idList": ["1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD", "7D92EA39738FB691442570FEC4FBE1F096F12A2079E72470B6CD1701077981A1", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "FA57CDF4BCAE98CCC902592DBB4477489D30E3D19A0CC4F562C86AA81658E38D", "FAFCEEB5E7F282B7B50A41E1E44AFB4EF2A67906EA3B347157464BC9FF982A1C"]}, {"type": "kaspersky", "idList": ["KLA10565"]}, {"type": "mageia", "idList": ["MGASA-2015-0234", "MGASA-2018-0181"]}, {"type": "nessus", "idList": ["8787.PRM", "8979.PRM", "8982.PRM", "ALA_ALAS-2015-561.NASL", "ALA_ALAS-2015-562.NASL", "ALA_ALAS-2015-563.NASL", "ALA_ALAS-2015-591.NASL", "CENTOS_RHSA-2015-1634.NASL", "CENTOS_RHSA-2015-1635.NASL", "DEBIAN_DLA-1633.NASL", "DEBIAN_DSA-3252.NASL", "EULEROS_SA-2018-1136.NASL", "EULEROS_SA-2018-1137.NASL", "EULEROS_SA-2018-1138.NASL", "EULEROS_SA-2018-1180.NASL", "EULEROS_SA-2018-1341.NASL", "F5_BIGIP_SOL16950.NASL", "FEDORA_2018-07E15AD5A5.NASL", "FEDORA_2018-AACE372C3F.NASL", "FEDORA_2018-BB66329DEE.NASL", "FREEBSD_PKG_6D52BDA12E5411E8A68F485B3931C969.NASL", "FREEBSD_PKG_C1630AA3797011E88634DCFE074BD614.NASL", "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "GENTOO_GLSA-201507-05.NASL", "ITUNES_12_6.NASL", "ITUNES_12_6_BANNER.NASL", "MACOSX_10_11.NASL", "MACOS_ITUNES_12_6.NASL", "MANDRIVA_MDVSA-2015-217.NASL", "OPENSUSE-2019-1426.NASL", "OPENSUSE-2021-1058.NASL", "OPENSUSE-2021-2320.NASL", "ORACLELINUX_ELSA-2015-1634.NASL", "ORACLELINUX_ELSA-2015-1635.NASL", "ORACLEVM_OVMSA-2015-0115.NASL", "PFSENSE_SA-15_06.NASL", "PHOTONOS_PHSA-2018-1_0-0126.NASL", "PHOTONOS_PHSA-2018-1_0-0126_SQLITE.NASL", "PHOTONOS_PHSA-2018-2_0-0037.NASL", "PHP_5_4_42.NASL", "PHP_5_5_26.NASL", "PHP_5_6_10.NASL", "REDHAT-RHSA-2015-1634.NASL", "REDHAT-RHSA-2015-1635.NASL", "SLACKWARE_SSA_2015-198-02.NASL", "SL_20150817_SQLITE_ON_SL6_X.NASL", "SL_20150817_SQLITE_ON_SL7_X.NASL", "SUSE_SU-2019-1208-1.NASL", "SUSE_SU-2019-1522-1.NASL", "SUSE_SU-2021-2320-1.NASL", "SUSE_SU-2021-3215-1.NASL", "UBUNTU_USN-2698-1.NASL", "UBUNTU_USN-4205-1.NASL", "UBUNTU_USN-4394-1.NASL", "WEB_APPLICATION_SCANNING_98802"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120091", "OPENVAS:1361412562310120105", "OPENVAS:1361412562310120107", "OPENVAS:1361412562310120108", "OPENVAS:1361412562310121386", "OPENVAS:1361412562310123027", "OPENVAS:1361412562310123029", "OPENVAS:1361412562310703252", "OPENVAS:1361412562310810724", "OPENVAS:1361412562310810725", "OPENVAS:1361412562310842395", "OPENVAS:1361412562310844254", "OPENVAS:1361412562310844467", "OPENVAS:1361412562310852510", "OPENVAS:1361412562310871430", "OPENVAS:1361412562310871431", "OPENVAS:1361412562310874287", "OPENVAS:1361412562310874298", "OPENVAS:1361412562310874663", "OPENVAS:1361412562310876673", "OPENVAS:1361412562310882248", "OPENVAS:1361412562310882251", "OPENVAS:1361412562310891633", "OPENVAS:1361412562311220181136", "OPENVAS:1361412562311220181137", "OPENVAS:1361412562311220181138", "OPENVAS:1361412562311220181180", "OPENVAS:1361412562311220181341", "OPENVAS:1361412562311220191425", "OPENVAS:703252"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUOCT2020"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1634", "ELSA-2015-1635"]}, {"type": "osv", "idList": ["OSV:DLA-1633-1", "OSV:DLA-2340-1", "OSV:DLA-2340-2", "OSV:DSA-3252-1", "OSV:DSA-3252-2"]}, {"type": "photon", "idList": ["PHSA-2018-0037", "PHSA-2018-0126", "PHSA-2018-1.0-0126", "PHSA-2018-2.0-0037"]}, {"type": "redhat", "idList": ["RHSA-2015:1634", "RHSA-2015:1635"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-8740"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31989", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:VULN:14389", "SECURITYVULNS:VULN:14702"]}, {"type": "slackware", "idList": ["SSA-2015-198-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1426-1", "OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:2320-1"]}, {"type": "ubuntu", "idList": ["USN-2698-1", "USN-4205-1", "USN-4394-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-3414", "UB:CVE-2015-3415", "UB:CVE-2015-3416", "UB:CVE-2015-6607", "UB:CVE-2018-8740"]}, {"type": "veracode", "idList": ["VERACODE:25306", "VERACODE:26914"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2015-561"]}, {"type": "apple", "idList": ["APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754"]}, {"type": "centos", "idList": ["CESA-2015:1634", "CESA-2015:1635"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7CFA05FF63DADFE32E3B6B3CFD30F896"]}, {"type": "cve", "idList": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1633-1:7A683"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-3414", "DEBIANCVE:CVE-2015-3415", "DEBIANCVE:CVE-2015-3416", "DEBIANCVE:CVE-2018-8740"]}, {"type": "f5", "idList": ["F5:K37236006"]}, {"type": "fedora", "idList": ["FEDORA:0C470643A821", "FEDORA:4924F60A8F8A", "FEDORA:5911860BBCB1", "FEDORA:E975C60779A0"]}, {"type": "freebsd", "idList": ["6D52BDA1-2E54-11E8-A68F-485B3931C969"]}, {"type": "ibm", "idList": ["60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD"]}, {"type": "kaspersky", "idList": ["KLA10565"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-591.NASL", "DEBIAN_DLA-1633.NASL", "FEDORA_2018-07E15AD5A5.NASL", "FEDORA_2018-AACE372C3F.NASL", "FEDORA_2018-BB66329DEE.NASL", "FREEBSD_PKG_6D52BDA12E5411E8A68F485B3931C969.NASL", "UBUNTU_USN-4205-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121386", "OPENVAS:1361412562310844254", "OPENVAS:1361412562310852510", "OPENVAS:1361412562310874287", "OPENVAS:1361412562310874298", "OPENVAS:1361412562310882251", "OPENVAS:1361412562310891633"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018-4258247"]}, {"type": "photon", "idList": ["PHSA-2018-1.0-0126", "PHSA-2018-2.0-0037"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-8740"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31989"]}, {"type": "slackware", "idList": ["SSA-2015-198-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1426-1"]}, {"type": "ubuntu", "idList": ["USN-4205-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-8740"]}]}, "exploitation": null, "vulnersScore": 0.0}, "pluginID": "124928", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124928);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2018-8740\"\n );\n script_bugtraq_id(\n 74228\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the sqlite packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - It was found that SQLite's sqlite3VdbeExec() function\n did not properly implement comparison operators. A\n local attacker could submit a specially crafted CHECK\n statement that would crash the SQLite process, or have\n other unspecified impacts.(CVE-2015-3415)\n\n - A flaw was found in the way SQLite handled dequoting of\n collation-sequence names. A local attacker could submit\n a specially crafted COLLATE statement that would crash\n the SQLite process, or have other unspecified\n impacts.(CVE-2015-3414)\n\n - A NULL pointer dereference vulnerability was found in\n SQLite. Loading a database whose schema was corrupted\n using a CREATE TABLE AS statement would result in a\n SQLite crash.(CVE-2018-8740)\n\n - It was found that SQLite's sqlite3VXPrintf() function\n did not properly handle precision and width values\n during floating-point conversions. A local attacker\n could submit a specially crafted SELECT statement that\n would crash the SQLite process, or have other\n unspecified impacts.(CVE-2015-3416)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1425\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d8337062\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-8.h2.eulerosv2r7\",\n \"sqlite-devel-3.7.17-8.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "p-cpe:/a:huawei:euleros:sqlite-devel", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "solution": "Update the affected sqlite packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2019-05-08T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1660004461, "score": 1659871106}, "_internal": {"score_hash": "e1a1e0550e0f2acffcd89f2de67ac3fb"}, "vendor_cvss2": {}, "vendor_cvss3": {}}

{"openvas": [{"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1425)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2018-8740", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191425", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1425\");\n script_version(\"2020-01-23T11:44:52+0000\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:44:52 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:44:52 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1425)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1425\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1425\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2019-1425 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415)\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414)\n\nA NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~8.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~8.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:08", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3252-1 (sqlite3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3252.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3252-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703252\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_name(\"Debian Security Advisory DSA 3252-1 (sqlite3 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-06 00:00:00 +0200 (Wed, 06 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3252.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"sqlite3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\");\n script_tag(name:\"summary\", value:\"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.9-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.7.1-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:07", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3252-1 (sqlite3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703252", "href": "http://plugins.openvas.org/nasl.php?oid=703252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3252.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3252-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703252);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_name(\"Debian Security Advisory DSA 3252-1 (sqlite3 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-06 00:00:00 +0200 (Wed, 06 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3252.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"sqlite3 on Debian Linux\");\n script_tag(name: \"insight\", value: \"SQLite is a C library that implements an SQL database engine.\nPrograms that link with the SQLite library can have SQL database\naccess without running a separate RDBMS process.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\");\n script_tag(name: \"summary\", value: \"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.9-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.7.1-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:36", "description": "Oracle Linux Local Security Checks ELSA-2015-1635", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1635", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123027", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123027", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1635.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123027\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:46:49 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1635\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1635 - sqlite security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1635\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1635.html\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Check the version of lemon", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "CentOS Update for lemon CESA-2015:1635 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882248", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lemon CESA-2015:1635 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882248\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:49:45 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for lemon CESA-2015:1635 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of lemon\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"lemon on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1635\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:58:54", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120091", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120091\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:11 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-591)\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414 )It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415 )It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416 )\");\n script_tag(name:\"solution\", value:\"Run yum update sqlite to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.13.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:00", "description": "Gentoo Linux Local Security Checks GLSA 201507-05", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201507-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121386", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201507-05.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121386\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:53 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201507-05\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201507-05\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201507-05\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-db/sqlite\", unaffected: make_list(\"ge 3.8.9\"), vulnerable: make_list(\"lt 3.8.9\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "RedHat Update for sqlite RHSA-2015:1635-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for sqlite RHSA-2015:1635-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871431\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:48:59 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for sqlite RHSA-2015:1635-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"sqlite on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1635-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-August/msg00028.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-debuginfo\", rpm:\"sqlite-debuginfo~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "openvas", "title": "Ubuntu Update for sqlite3 USN-2698-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414", "CVE-2013-7443"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842395", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842395", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for sqlite3 USN-2698-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842395\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:21:45 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for sqlite3 USN-2698-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that SQLite incorrectly handled skip-scan optimization.\nAn attacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of\ncollation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS\nand Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison\noperators. An attacker could use this issue to cause applications using\nSQLite to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision\nand width values during floating-point conversions. An attacker could use\nthis issue to cause applications using SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2015-3416)\");\n script_tag(name:\"affected\", value:\"sqlite3 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2698-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2698-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.2-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.7.9-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:58:47", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-561)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120105", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120105\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:32 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-561)\");\n script_tag(name:\"insight\", value:\"Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 ). All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-561.html\");\n script_cve_id(\"CVE-2015-4644\", \"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2014-3416\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.42~1.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:58:40", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-562)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-2325", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643", "CVE-2015-2326"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120108", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120108\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-562)\");\n script_tag(name:\"insight\", value:\"Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326 ). All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-562.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2014-3416\", \"CVE-2015-4644\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.26~1.103.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:59:59", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-563)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3415", "CVE-2015-2325", "CVE-2015-4644", "CVE-2014-3416", "CVE-2015-4642", "CVE-2015-3416", "CVE-2015-3414", "CVE-2015-4643", "CVE-2015-2326"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120107", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120107", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120107\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:36 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-563)\");\n script_tag(name:\"insight\", value:\"Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326 ). All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-563.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2014-3416\", \"CVE-2015-4644\", \"CVE-2015-4643\", \"CVE-2015-4642\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.10~1.115.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "RedHat Update for sqlite RHSA-2015:1634-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3416"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for sqlite RHSA-2015:1634-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871430\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:48:57 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for sqlite RHSA-2015:1634-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\");\n script_tag(name:\"affected\", value:\"sqlite on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1634-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-August/msg00027.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.6.20~1.el6_7.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-debuginfo\", rpm:\"sqlite-debuginfo~3.6.20~1.el6_7.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.6.20~1.el6_7.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:23", "description": "Oracle Linux Local Security Checks ELSA-2015-1634", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1634", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3416"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123029", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123029", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1634.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123029\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:46:50 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1634\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1634 - sqlite security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1634\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1634.html\");\n script_cve_id(\"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.6.20~1.el6_7.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.6.20~1.el6_7.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.6.20~1.el6_7.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.6.20~1.el6_7.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.6.20~1.el6_7.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:47", "description": "Check the version of lemon", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "openvas", "title": "CentOS Update for lemon CESA-2015:1634 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3416"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lemon CESA-2015:1634 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882251\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:50:42 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for lemon CESA-2015:1634 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of lemon\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\");\n script_tag(name:\"affected\", value:\"lemon on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1634\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-August/021332.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.6.20~1.el6_7.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.6.20~1.el6_7.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.6.20~1.el6_7.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.6.20~1.el6_7.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.6.20~1.el6_7.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:38", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181180", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1180\");\n script_version(\"2020-01-23T11:16:02+0000\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:16:02 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:16:02 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1180)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1180\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1180\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2018-1180 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~8.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~8.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "openvas", "title": "Fedora Update for sqlite FEDORA-2018-07e15ad5a5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874298", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_07e15ad5a5_sqlite_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for sqlite FEDORA-2018-07e15ad5a5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874298\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 09:00:09 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for sqlite FEDORA-2018-07e15ad5a5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"sqlite on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-07e15ad5a5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJEP7PZJLNA2RAQS24C4C4TUC5V3AG6X\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.20.1~2.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:26", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1341)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181341", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181341", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1341\");\n script_version(\"2020-01-23T11:22:31+0000\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:22:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:22:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1341)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1341\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1341\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2018-1341 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS Virtualization 2.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.1.h1\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "openvas", "title": "Fedora Update for sqlite FEDORA-2018-aace372c3f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_aace372c3f_sqlite_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for sqlite FEDORA-2018-aace372c3f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874287\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 08:58:29 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for sqlite FEDORA-2018-aace372c3f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"sqlite on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-aace372c3f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AOBWHML3I2EAMAQAQP4DABAHQQWCPNDD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.20.1~2.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:37:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181136", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1136\");\n script_version(\"2020-01-23T11:14:59+0000\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:14:59 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:14:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1136)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1136\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1136\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2018-1136 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.1.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.1.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:32", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1137)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181137", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1137\");\n script_version(\"2020-01-23T11:14:59+0000\");\n script_cve_id(\"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:14:59 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:14:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1137)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1137\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1137\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'sqlite' package(s) announced via the EulerOS-SA-2018-1137 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\");\n\n script_tag(name:\"affected\", value:\"'sqlite' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~8.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~8.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:33:01", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for memcached (EulerOS-SA-2018-1138)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740", "CVE-2018-1000127"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181138", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181138", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1138\");\n script_version(\"2020-01-23T11:15:00+0000\");\n script_cve_id(\"CVE-2018-1000127\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:15:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:15:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for memcached (EulerOS-SA-2018-1138)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1138\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1138\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'memcached' package(s) announced via the EulerOS-SA-2018-1138 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\");\n\n script_tag(name:\"affected\", value:\"'memcached' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"memcached\", rpm:\"memcached~1.4.15~9.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:54:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-22T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for sqlite3 (openSUSE-SU-2019:1426-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10989", "CVE-2018-8740"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852510", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852510\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-10989\", \"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-22 02:01:19 +0000 (Wed, 22 May 2019)\");\n script_name(\"openSUSE: Security Advisory for sqlite3 (openSUSE-SU-2019:1426-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1426-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00050.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the openSUSE-SU-2019:1426-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for sqlite3 fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted\n databases schemas (bsc#1085790).\n\n - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize()\n (bsc#1132045).\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1426=1\");\n\n script_tag(name:\"affected\", value:\"'sqlite3' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsqlite3-0\", rpm:\"libsqlite3-0~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsqlite3-0-debuginfo\", rpm:\"libsqlite3-0-debuginfo~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite3-debuginfo\", rpm:\"sqlite3-debuginfo~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite3-debugsource\", rpm:\"sqlite3-debugsource~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite3-devel\", rpm:\"sqlite3-devel~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sqlite3-doc\", rpm:\"sqlite3-doc~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsqlite3-0-32bit\", rpm:\"libsqlite3-0-32bit~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsqlite3-0-debuginfo-32bit\", rpm:\"libsqlite3-0-debuginfo-32bit~3.8.10.2~11.7.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-03T20:38:23", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-03-30T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities-HT207598 (MAC OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310810725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810725", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities-HT207598 (MACOSX)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810725\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:45:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207598 (MAC OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to the multiple\n issues in SQLite and expat\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207598\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_itunes_detect_macosx.nasl\");\n script_mandatory_keys(\"Apple/iTunes/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.6\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.6\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-09T00:00:00", "type": "openvas", "title": "Fedora Update for sqlite FEDORA-2018-8d8f0e1643", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740", "CVE-2017-13685", "CVE-2017-15286"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874663", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874663", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8d8f0e1643_sqlite_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for sqlite FEDORA-2018-8d8f0e1643\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874663\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-09 06:01:39 +0200 (Sat, 09 Jun 2018)\");\n script_cve_id(\"CVE-2017-13685\", \"CVE-2017-15286\", \"CVE-2018-8740\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for sqlite FEDORA-2018-8d8f0e1643\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"sqlite on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8d8f0e1643\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NZZAIFXIBPTX4ETB4R6PJE66SVCQFLC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.20.1~3.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-15T14:35:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-sqlite FEDORA-2019-49f80a78bc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20346", "CVE-2018-8740", "CVE-2016-6153"], "modified": "2019-08-14T00:00:00", "id": "OPENVAS:1361412562310876673", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876673", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876673\");\n script_version(\"2019-08-14T07:16:43+0000\");\n script_cve_id(\"CVE-2018-20346\", \"CVE-2018-8740\", \"CVE-2016-6153\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-14 07:16:43 +0000 (Wed, 14 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-14 02:34:50 +0000 (Wed, 14 Aug 2019)\");\n script_name(\"Fedora Update for mingw-sqlite FEDORA-2019-49f80a78bc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-49f80a78bc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-sqlite'\n package(s) announced via the FEDORA-2019-49f80a78bc advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of an SQL database without the administrative hassles of\nsupporting a separate database server. Version 2 and version 3 binaries\nare named to permit each to be installed on a single host\n\nThis package contains cross-compiled libraries and development tools\nfor Windows.\");\n\n script_tag(name:\"affected\", value:\"'mingw-sqlite' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-sqlite\", rpm:\"mingw-sqlite~3.26.0.0~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-03T20:31:03", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-03-30T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2479", "CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2017-2480", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2017-5029", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2017-2463", "CVE-2016-4472", "CVE-2013-7443", "CVE-2017-2383"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310810724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810724\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\", \"CVE-2017-2383\", \"CVE-2017-2463\", \"CVE-2017-2479\",\n \"CVE-2017-2480\", \"CVE-2017-5029\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:37:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A client certificate was sent in plaintext. This issue was addressed\n through improved certificate handling.\n\n - The multiple issues existed in SQLite.\n\n - The multiple issues existed in expat.\n\n - The multiple memory corruption issues were addressed through\n improved memory handling.\n\n - The processing maliciously crafted web content may lead to arbitrary\n code execution.\n\n - The processing maliciously crafted web content may exfiltrate data\n cross-origin.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207599\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.6\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.6\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-29T19:24:34", "description": "Several flaws were corrected in SQLite, an SQL database engine.\n\nCVE-2017-2518\n\nA use-after-free bug in the query optimizer may cause a\nbuffer overflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\nInsufficient size of the reference count on Table objects\ncould lead to a denial-of-service or arbitrary code execution.\n\nCVE-2017-2520\n\nThe sqlite3_value_text() interface returned a buffer that was not\nlarge enough to hold the complete string plus zero terminator when\nthe input was a zeroblob. This could lead to arbitrary code\nexecution or a denial-of-service.\n\nCVE-2017-10989\n\nSQLite mishandles undersized RTree blobs in a crafted database\nleading to a heap-based buffer over-read or possibly unspecified\nother impact.\n\nCVE-2018-8740\n\nDatabases whose schema is corrupted using a CREATE TABLE AS\nstatement could cause a NULL pointer dereference.", "cvss3": {}, "published": "2019-01-14T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for sqlite3 (DLA-1633-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10989", "CVE-2017-2520", "CVE-2018-8740", "CVE-2017-2518", "CVE-2017-2519"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891633", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891633\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-10989\", \"CVE-2017-2518\", \"CVE-2017-2519\", \"CVE-2017-2520\", \"CVE-2018-8740\");\n script_name(\"Debian LTS: Security Advisory for sqlite3 (DLA-1633-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-14 00:00:00 +0100 (Mon, 14 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"sqlite3 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.8.7.1-1+deb8u4.\n\nWe recommend that you upgrade your sqlite3 packages.\");\n\n script_tag(name:\"summary\", value:\"Several flaws were corrected in SQLite, an SQL database engine.\n\nCVE-2017-2518\n\nA use-after-free bug in the query optimizer may cause a\nbuffer overflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\nInsufficient size of the reference count on Table objects\ncould lead to a denial-of-service or arbitrary code execution.\n\nCVE-2017-2520\n\nThe sqlite3_value_text() interface returned a buffer that was not\nlarge enough to hold the complete string plus zero terminator when\nthe input was a zeroblob. This could lead to arbitrary code\nexecution or a denial-of-service.\n\nCVE-2017-10989\n\nSQLite mishandles undersized RTree blobs in a crafted database\nleading to a heap-based buffer over-read or possibly unspecified\nother impact.\n\nCVE-2018-8740\n\nDatabases whose schema is corrupted using a CREATE TABLE AS\nstatement could cause a NULL pointer dereference.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"lemon\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0-dbg\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-dev\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-tcl\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"sqlite3-doc\", ver:\"3.8.7.1-1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-19T15:00:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for sqlite3 USN-4205-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8740", "CVE-2019-16168", "CVE-2019-19244", "CVE-2019-5018", "CVE-2019-19242", "CVE-2019-5827"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310844254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844254", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844254\");\n script_version(\"2019-12-18T09:57:42+0000\");\n script_cve_id(\"CVE-2018-8740\", \"CVE-2019-16168\", \"CVE-2019-19242\", \"CVE-2019-19244\", \"CVE-2019-5018\", \"CVE-2019-5827\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 09:57:42 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-12-03 03:00:47 +0000 (Tue, 03 Dec 2019)\");\n script_name(\"Ubuntu Update for sqlite3 USN-4205-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4205-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005225.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the USN-4205-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that SQLite incorrectly handled certain schemas.\nAn attacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)\n\nIt was discovered that SQLite incorrectly handled certain schemas.\nAn attacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.04.\n(CVE-2019-16168)\n\nIt was discovered that SQLite incorrectly handled certain schemas.\nAn attacker could possibly use this issue to mishandles some expressions.\nThis issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19242)\n\nIt was discovered that SQLite incorrectly handled certain queries.\nAn attacker could possibly use this issue to execute arbitrary code.\nThis issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19244)\n\nIt was discovered that SQLite incorrectly handled certain SQL commands.\nAn attacker could possibly use this issue to execute arbitrary code.\nThis issue only affected Ubuntu 19.04. (CVE-2019-5018)\n\nIt was discovered that SQLite incorrectly handled certain commands. An\nattacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-5827)\");\n\n script_tag(name:\"affected\", value:\"'sqlite3' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.22.0-1ubuntu0.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.22.0-1ubuntu0.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.29.0-2ubuntu0.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.29.0-2ubuntu0.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.27.2-2ubuntu0.2\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.27.2-2ubuntu0.2\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.11.0-1ubuntu1.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.11.0-1ubuntu1.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-15T15:55:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for sqlite3 (USN-4394-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13434", "CVE-2018-8740", "CVE-2020-13632", "CVE-2020-13631", "CVE-2020-11655", "CVE-2020-13435", "CVE-2019-19645", "CVE-2020-13630", "CVE-2019-19603"], "modified": "2020-06-12T00:00:00", "id": "OPENVAS:1361412562310844467", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844467", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844467\");\n script_version(\"2020-06-12T07:11:22+0000\");\n script_cve_id(\"CVE-2018-8740\", \"CVE-2019-19603\", \"CVE-2019-19645\", \"CVE-2020-11655\", \"CVE-2020-13434\", \"CVE-2020-13435\", \"CVE-2020-13630\", \"CVE-2020-13631\", \"CVE-2020-13632\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-12 07:11:22 +0000 (Fri, 12 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-11 03:00:40 +0000 (Thu, 11 Jun 2020)\");\n script_name(\"Ubuntu: Security Advisory for sqlite3 (USN-4394-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS|UBUNTU20\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4394-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-June/005476.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the USN-4394-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that SQLite incorrectly handled certain corruped schemas.\nAn attacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)\n\nIt was discovered that SQLite incorrectly handled certain SELECT\nstatements. An attacker could possibly use this issue to cause a denial of\nservice. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603)\n\nIt was discovered that SQLite incorrectly handled certain self-referential\nviews. An attacker could possibly use this issue to cause a denial of\nservice. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645)\n\nHenry Liu discovered that SQLite incorrectly handled certain malformed\nwindow-function queries. An attacker could possibly use this issue to cause\na denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04\nLTS. (CVE-2020-11655)\n\nIt was discovered that SQLite incorrectly handled certain string\noperations. An attacker could use this issue to cause SQLite to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2020-13434)\n\nIt was discovered that SQLite incorrectly handled certain expressions. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)\n\nIt was discovered that SQLite incorrectly handled certain fts3 queries. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2020-13630)\n\nIt was discovered that SQLite incorrectly handled certain virtual table\nnames. An attacker could possibly use this issue to cause a denial of\nservice. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04\nLTS. (CVE-2020-13631)\n\nIt was discovered that SQLite incorrectly handled certain fts3 queries. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2020-13632)\");\n\n script_tag(name:\"affected\", value:\"'sqlite3' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.29.0-2ubuntu0.3\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.29.0-2ubuntu0.3\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.22.0-1ubuntu0.4\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.22.0-1ubuntu0.4\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.11.0-1ubuntu1.5\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.11.0-1ubuntu1.5\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.31.1-4ubuntu0.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"sqlite3\", ver:\"3.31.1-4ubuntu0.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nNVD reports:\n\nSQLite before 3.8.9 does not properly implement the\n\t dequoting of collation-sequence names, which allows\n\t context-dependent attackers to cause a denial of service\n\t (uninitialized memory access and application crash) or\n\t possibly have unspecified other impact via a crafted\n\t COLLATE clause, as demonstrated by COLLATE\"\"\"\"\"\"\"\" at the\n\t end of a SELECT statement.\n\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before\n\t 3.8.9 does not properly implement comparison operators,\n\t which allows context-dependent attackers to cause a denial\n\t of service (invalid free operation) or possibly have\n\t unspecified other impact via a crafted CHECK clause, as\n\t demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\t \n\n\nThe sqlite3VXPrintf function in printf.c in SQLite before\n\t 3.8.9 does not properly handle precision and width values\n\t during floating-point conversions, which allows\n\t context-dependent attackers to cause a denial of service\n\t (integer overflow and stack-based buffer overflow) or\n\t possibly have unspecified other impact via large integers\n\t in a crafted printf function call in a SELECT statement.\n\n\n", "cvss3": {}, "published": "2015-04-14T00:00:00", "type": "freebsd", "title": "sqlite -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-05-08T00:00:00", "id": "DEC3164F-3121-45EF-AF18-BB113AC5082F", "href": "https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nMITRE reports:\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS\n\t statement could cause a NULL pointer dereference, related to build.c\n\t and prepare.c.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-03-16T00:00:00", "type": "freebsd", "title": "SQLite -- Corrupt DB can cause a NULL pointer dereference", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2018-03-16T00:00:00", "id": "C1630AA3-7970-11E8-8634-DCFE074BD614", "href": "https://vuxml.freebsd.org/freebsd/c1630aa3-7970-11e8-8634-dcfe074bd614.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nMITRE reports:\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS\n\t statement could cause a NULL pointer dereference, related to build.c\n\t and prepare.c.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-03-16T00:00:00", "type": "freebsd", "title": "SQLite -- Corrupt DB can cause a NULL pointer dereference", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2018-03-16T00:00:00", "id": "6D52BDA1-2E54-11E8-A68F-485B3931C969", "href": "https://vuxml.freebsd.org/freebsd/6d52bda1-2e54-11e8-a68f-485b3931c969.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:45:20", "description": "SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "redhat", "title": "(RHSA-2015:1635) Moderate: sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2018-04-11T23:32:49", "id": "RHSA-2015:1635", "href": "https://access.redhat.com/errata/RHSA-2015:1635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:40:51", "description": "SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "redhat", "title": "(RHSA-2015:1634) Moderate: sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2018-06-06T16:24:27", "id": "RHSA-2015:1634", "href": "https://access.redhat.com/errata/RHSA-2015:1634", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-29T01:03:52", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3252-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 06, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : sqlite3\nCVE ID : CVE-2015-3414 CVE-2015-3415 CVE-2015-3416\n\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-05-06T20:22:58", "type": "debian", "title": "[SECURITY] [DSA 3252-1] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-05-06T20:22:58", "id": "DEBIAN:DSA-3252-1:580AD", "href": "https://lists.debian.org/debian-security-announce/2015/msg00140.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-29T01:02:57", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3252-2 security@debian.org\nhttps://www.debian.org/security/ Alessandro Ghedini\nJune 14, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : sqlite3\nCVE ID : CVE-2015-3416\nDebian Bug : 783968\n\nMichal Zalewski discovered that SQLite3, an implementation of an SQL\ndatabase engine, did not properly handle precision and width values\nduring floating-point conversions, leading to an integer overflow and a\nstack-based buffer overflow. This could allow remote attackers to cause\na denial of service (crash) or possibly have unspecified other impact.\n\nNote that this issue had already been fixed for the stable distribution\n(jessie) as part of DSA 3252-1.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 3.7.13-1+deb7u2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.8.10.2-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.8.10.2-1.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-06-14T15:09:43", "type": "debian", "title": "[SECURITY] [DSA 3252-2] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2015-06-14T15:09:43", "id": "DEBIAN:DSA-3252-2:F9016", "href": "https://lists.debian.org/debian-security-announce/2015/msg00184.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T13:16:50", "description": "Package : sqlite3\nVersion : 3.8.7.1-1+deb8u4\nCVE ID : CVE-2017-2518 CVE-2017-2519 CVE-2017-2520\n CVE-2017-10989 CVE-2018-8740\nDebian Bug : 867618 893195\n\nSeveral flaws were corrected in SQLite, an SQL database engine.\n\nCVE-2017-2518\n\n A use-after-free bug in the query optimizer may cause a\n buffer overflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\n Insufficient size of the reference count on Table objects\n could lead to a denial-of-service or arbitrary code execution.\n\nCVE-2017-2520\n\n The sqlite3_value_text() interface returned a buffer that was not\n large enough to hold the complete string plus zero terminator when\n the input was a zeroblob. This could lead to arbitrary code\n execution or a denial-of-service.\n\nCVE-2017-10989\n\n SQLite mishandles undersized RTree blobs in a crafted database\n leading to a heap-based buffer over-read or possibly unspecified\n other impact.\n\nCVE-2018-8740\n\n Databases whose schema is corrupted using a CREATE TABLE AS\n statement could cause a NULL pointer dereference.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n3.8.7.1-1+deb8u4.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-11T18:48:51", "type": "debian", "title": "[SECURITY] [DLA 1633-1] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10989", "CVE-2017-2518", "CVE-2017-2519", "CVE-2017-2520", "CVE-2018-8740"], "modified": "2019-01-11T18:48:51", "id": "DEBIAN:DLA-1633-1:A3283", "href": "https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-03T16:35:34", "description": "Package : sqlite3\nVersion : 3.8.7.1-1+deb8u4\nCVE ID : CVE-2017-2518 CVE-2017-2519 CVE-2017-2520\n CVE-2017-10989 CVE-2018-8740\nDebian Bug : 867618 893195\n\nSeveral flaws were corrected in SQLite, an SQL database engine.\n\nCVE-2017-2518\n\n A use-after-free bug in the query optimizer may cause a\n buffer overflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\n Insufficient size of the reference count on Table objects\n could lead to a denial-of-service or arbitrary code execution.\n\nCVE-2017-2520\n\n The sqlite3_value_text() interface returned a buffer that was not\n large enough to hold the complete string plus zero terminator when\n the input was a zeroblob. This could lead to arbitrary code\n execution or a denial-of-service.\n\nCVE-2017-10989\n\n SQLite mishandles undersized RTree blobs in a crafted database\n leading to a heap-based buffer over-read or possibly unspecified\n other impact.\n\nCVE-2018-8740\n\n Databases whose schema is corrupted using a CREATE TABLE AS\n statement could cause a NULL pointer dereference.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n3.8.7.1-1+deb8u4.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-11T18:48:51", "type": "debian", "title": "[SECURITY] [DLA 1633-1] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10989", "CVE-2017-2518", "CVE-2017-2519", "CVE-2017-2520", "CVE-2018-8740"], "modified": "2019-01-11T18:48:51", "id": "DEBIAN:DLA-1633-1:7A683", "href": "https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-30T18:37:45", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2340-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ \nAugust 22, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : sqlite3\nVersion : 3.16.2-5+deb9u2\nCVE ID : CVE-2018-8740 CVE-2018-20346 CVE-2018-20506 CVE-2019-5827 \n CVE-2019-9936 CVE-2019-9937 CVE-2019-16168 CVE-2019-20218 \n CVE-2020-11655 CVE-2020-13434 CVE-2020-13630 CVE-2020-13632 \n CVE-2020-13871\nDebian Bug : \n\nSeveral vulnerabilities have been discovered in sqlite3, a C library that\nimplements an SQL database engine.\n\nCVE-2018-8740\n\n Databases whose schema is corrupted using a CREATE TABLE AS statement\n could cause a NULL pointer dereference.\n\nCVE-2018-20346\n\n When the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries that occur\n after crafted changes to FTS3 shadow tables, allowing remote\n attackers to execute arbitrary code by leveraging the ability to run\n arbitrary SQL statements.\n\nCVE-2018-20506\n\n When the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries in a\n "merge" operation that occurs after crafted changes to FTS3 shadow\n tables, allowing remote attackers to execute arbitrary code by\n leveraging the ability to run arbitrary SQL statements\n\nCVE-2019-5827\n\n Integer overflow allowed a remote attacker to potentially exploit\n heap corruption via a crafted HTML page, primarily impacting\n chromium.\n\nCVE-2019-9936\n\n Running fts5 prefix queries inside a transaction could trigger a\n heap-based buffer over-read, which may lead to an information leak.\n\nCVE-2019-9937\n\n Interleaving reads and writes in a single transaction with an fts5\n virtual table will lead to a NULL Pointer Dereference.\n\nCVE-2019-16168\n\n A browser or other application can be triggered to crash because of\n inadequate parameter validation which could lead to a divide-by-zero\n error.\n\nCVE-2019-20218\n\n WITH stack unwinding proceeds even after a parsing error, resulting\n in a possible application crash.\n\nCVE-2020-13630\n\n The code related to the snippet feature exhibits a use-after-free\n defect.\n\nCVE-2020-13632\n\n A crafted matchinfo() query can lead to a NULL pointer dereference.\n\nCVE-2020-13871\n\n The parse tree rewrite for window functions is too late, leading to\n a use-after-free defect.\n\nCVE-2020-11655\n\n An improper initialization of AggInfo objects allows attackers to\n cause a denial of service (segmentation fault) via a malformed\n window-function query.\n\nCVE-2020-13434\n\n The code in sqlite3_str_vappendf in printf.c contains an integer\n overflow defect.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.16.2-5+deb9u2.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFor the detailed security status of sqlite3 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/sqlite3\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-22T22:34:41", "type": "debian", "title": "[SECURITY] [DLA 2340-1] sqlite3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20506", "CVE-2018-8740", "CVE-2019-16168", "CVE-2019-20218", "CVE-2019-5827", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-11655", "CVE-2020-13434", "CVE-2020-13630", "CVE-2020-13632", "CVE-2020-13871"], "modified": "2020-08-22T22:34:41", "id": "DEBIAN:DLA-2340-1:34DF9", "href": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:10:22", "description": "\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "osv", "title": "sqlite3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2022-08-10T07:09:19", "id": "OSV:DSA-3252-1", "href": "https://osv.dev/vulnerability/DSA-3252-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:10:20", "description": "\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2015-05-06T00:00:00", "type": "osv", "title": "sqlite3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2022-08-10T07:09:19", "id": "OSV:DSA-3252-2", "href": "https://osv.dev/vulnerability/DSA-3252-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:19:01", "description": "\nSeveral flaws were corrected in SQLite, an SQL database engine.\n\n\n* [CVE-2017-2518](https://security-tracker.debian.org/tracker/CVE-2017-2518)\nA use-after-free bug in the query optimizer may cause a\n buffer overflow and application crash via a crafted SQL statement.\n* [CVE-2017-2519](https://security-tracker.debian.org/tracker/CVE-2017-2519)\nInsufficient size of the reference count on Table objects\n could lead to a denial-of-service or arbitrary code execution.\n* [CVE-2017-2520](https://security-tracker.debian.org/tracker/CVE-2017-2520)\nThe sqlite3\\_value\\_text() interface returned a buffer that was not\n large enough to hold the complete string plus zero terminator when\n the input was a zeroblob. This could lead to arbitrary code\n execution or a denial-of-service.\n* [CVE-2017-10989](https://security-tracker.debian.org/tracker/CVE-2017-10989)\nSQLite mishandles undersized RTree blobs in a crafted database\n leading to a heap-based buffer over-read or possibly unspecified\n other impact.\n* [CVE-2018-8740](https://security-tracker.debian.org/tracker/CVE-2018-8740)\nDatabases whose schema is corrupted using a CREATE TABLE AS\n statement could cause a NULL pointer dereference.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n3.8.7.1-1+deb8u4.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-11T00:00:00", "type": "osv", "title": "sqlite3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10989", "CVE-2017-2520", "CVE-2018-8740", "CVE-2017-2518", "CVE-2017-2519"], "modified": "2022-07-21T05:52:27", "id": "OSV:DLA-1633-1", "href": "https://osv.dev/vulnerability/DLA-1633-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:16:35", "description": "\nSeveral vulnerabilities have been discovered in sqlite3, a C library that\nimplements an SQL database engine.\n\n\n* [CVE-2018-8740](https://security-tracker.debian.org/tracker/CVE-2018-8740)\nDatabases whose schema is corrupted using a CREATE TABLE AS statement\n could cause a NULL pointer dereference.\n* [CVE-2018-20346](https://security-tracker.debian.org/tracker/CVE-2018-20346)\nWhen the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries that occur\n after crafted changes to FTS3 shadow tables, allowing remote\n attackers to execute arbitrary code by leveraging the ability to run\n arbitrary SQL statements.\n* [CVE-2018-20506](https://security-tracker.debian.org/tracker/CVE-2018-20506)\nWhen the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries in a\n merge operation that occurs after crafted changes to FTS3 shadow\n tables, allowing remote attackers to execute arbitrary code by\n leveraging the ability to run arbitrary SQL statements\n* [CVE-2019-5827](https://security-tracker.debian.org/tracker/CVE-2019-5827)\nInteger overflow allowed a remote attacker to potentially exploit\n heap corruption via a crafted HTML page, primarily impacting\n chromium.\n* [CVE-2019-9936](https://security-tracker.debian.org/tracker/CVE-2019-9936)\nRunning fts5 prefix queries inside a transaction could trigger a\n heap-based buffer over-read, which may lead to an information leak.\n* [CVE-2019-9937](https://security-tracker.debian.org/tracker/CVE-2019-9937)\nInterleaving reads and writes in a single transaction with an fts5\n virtual table will lead to a NULL Pointer Dereference.\n* [CVE-2019-16168](https://security-tracker.debian.org/tracker/CVE-2019-16168)\nA browser or other application can be triggered to crash because of\n inadequate parameter validation which could lead to a divide-by-zero\n error.\n* [CVE-2019-20218](https://security-tracker.debian.org/tracker/CVE-2019-20218)\nWITH stack unwinding proceeds even after a parsing error, resulting\n in a possible application crash.\n* [CVE-2020-13630](https://security-tracker.debian.org/tracker/CVE-2020-13630)\nThe code related to the snippet feature exhibits a use-after-free\n defect.\n* [CVE-2020-13632](https://security-tracker.debian.org/tracker/CVE-2020-13632)\nA crafted matchinfo() query can lead to a NULL pointer dereference.\n* [CVE-2020-13871](https://security-tracker.debian.org/tracker/CVE-2020-13871)\nThe parse tree rewrite for window functions is too late, leading to\n a use-after-free defect.\n* [CVE-2020-11655](https://security-tracker.debian.org/tracker/CVE-2020-11655)\nAn improper initialization of AggInfo objects allows attackers to\n cause a denial of service (segmentation fault) via a malformed\n window-function query.\n* [CVE-2020-13434](https://security-tracker.debian.org/tracker/CVE-2020-13434)\nThe code in sqlite3\\_str\\_vappendf in printf.c contains an integer\n overflow defect.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.16.2-5+deb9u2.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\nFor the detailed security status of sqlite3 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/sqlite3>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-22T00:00:00", "type": "osv", "title": "sqlite3 - regression update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2020-13434", "CVE-2019-20218", "CVE-2019-9936", "CVE-2018-8740", "CVE-2019-16168", "CVE-2020-13632", "CVE-2019-9937", "CVE-2020-11655", "CVE-2020-13630", "CVE-2018-20506", "CVE-2020-13871", "CVE-2019-5827"], "modified": "2022-07-21T05:53:20", "id": "OSV:DLA-2340-2", "href": "https://osv.dev/vulnerability/DLA-2340-2", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:53", "description": "\nSeveral vulnerabilities have been discovered in sqlite3, a C library that\nimplements an SQL database engine.\n\n\n* [CVE-2018-8740](https://security-tracker.debian.org/tracker/CVE-2018-8740)\nDatabases whose schema is corrupted using a CREATE TABLE AS statement\n could cause a NULL pointer dereference.\n* [CVE-2018-20346](https://security-tracker.debian.org/tracker/CVE-2018-20346)\nWhen the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries that occur\n after crafted changes to FTS3 shadow tables, allowing remote\n attackers to execute arbitrary code by leveraging the ability to run\n arbitrary SQL statements.\n* [CVE-2018-20506](https://security-tracker.debian.org/tracker/CVE-2018-20506)\nWhen the FTS3 extension is enabled, sqlite3 encounters an integer\n overflow (and resultant buffer overflow) for FTS3 queries in a\n merge operation that occurs after crafted changes to FTS3 shadow\n tables, allowing remote attackers to execute arbitrary code by\n leveraging the ability to run arbitrary SQL statements\n* [CVE-2019-5827](https://security-tracker.debian.org/tracker/CVE-2019-5827)\nInteger overflow allowed a remote attacker to potentially exploit\n heap corruption via a crafted HTML page, primarily impacting\n chromium.\n* [CVE-2019-9936](https://security-tracker.debian.org/tracker/CVE-2019-9936)\nRunning fts5 prefix queries inside a transaction could trigger a\n heap-based buffer over-read, which may lead to an information leak.\n* [CVE-2019-9937](https://security-tracker.debian.org/tracker/CVE-2019-9937)\nInterleaving reads and writes in a single transaction with an fts5\n virtual table will lead to a NULL Pointer Dereference.\n* [CVE-2019-16168](https://security-tracker.debian.org/tracker/CVE-2019-16168)\nA browser or other application can be triggered to crash because of\n inadequate parameter validation which could lead to a divide-by-zero\n error.\n* [CVE-2019-20218](https://security-tracker.debian.org/tracker/CVE-2019-20218)\nWITH stack unwinding proceeds even after a parsing error, resulting\n in a possible application crash.\n* [CVE-2020-13630](https://security-tracker.debian.org/tracker/CVE-2020-13630)\nThe code related to the snippet feature exhibits a use-after-free\n defect.\n* [CVE-2020-13632](https://security-tracker.debian.org/tracker/CVE-2020-13632)\nA crafted matchinfo() query can lead to a NULL pointer dereference.\n* [CVE-2020-13871](https://security-tracker.debian.org/tracker/CVE-2020-13871)\nThe parse tree rewrite for window functions is too late, leading to\n a use-after-free defect.\n* [CVE-2020-11655](https://security-tracker.debian.org/tracker/CVE-2020-11655)\nAn improper initialization of AggInfo objects allows attackers to\n cause a denial of service (segmentation fault) via a malformed\n window-function query.\n* [CVE-2020-13434](https://security-tracker.debian.org/tracker/CVE-2020-13434)\nThe code in sqlite3\\_str\\_vappendf in printf.c contains an integer\n overflow defect.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.16.2-5+deb9u2.\n\n\nWe recommend that you upgrade your sqlite3 packages.\n\n\nFor the detailed security status of sqlite3 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/sqlite3>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-22T00:00:00", "type": "osv", "title": "sqlite3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2020-13434", "CVE-2019-20218", "CVE-2019-9936", "CVE-2018-8740", "CVE-2019-16168", "CVE-2020-13632", "CVE-2019-9937", "CVE-2020-11655", "CVE-2020-13630", "CVE-2018-20506", "CVE-2020-13871", "CVE-2019-5827"], "modified": "2022-08-05T05:18:52", "id": "OSV:DLA-2340-1", "href": "https://osv.dev/vulnerability/DLA-2340-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-06-04T20:21:08", "description": "[3.7.17-6.1]\n- Fixes for CVE-2015-3415 CVE-2015-3414 CVE-2015-3416\n Resolves: rhbz#1244731\n[3.7.17-6]\n- Release bump for ppc64le\n[3.7.17-5]\n- Release bump\n[3.7.17-4.1]\n- Backport 64k page fix from latest upstream (#1118151)", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "oraclelinux", "title": "sqlite security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-08-17T00:00:00", "id": "ELSA-2015-1635", "href": "http://linux.oracle.com/errata/ELSA-2015-1635.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-04T20:21:10", "description": "[3.6.20-1.2]\n- Add patch for compiler warnings highlighted by rpmdiff.\n Related: rhbz#1244727\n[3.6.20-1.el6_7.1]\n- fix for CVE-2015-3416\n Resolves: #1244727", "cvss3": {}, "published": "2015-08-17T00:00:00", "type": "oraclelinux", "title": "sqlite security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3416"], "modified": "2015-08-17T00:00:00", "id": "ELSA-2015-1634", "href": "http://linux.oracle.com/errata/ELSA-2015-1634.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:06:59", "description": "### Background\n\nSQLite is a C library that implements an SQL database engine.\n\n### Description\n\nMultiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could possibly cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll SQLite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/sqlite-3.8.9\"", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "gentoo", "title": "SQLite: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-07-07T00:00:00", "id": "GLSA-201507-05", "href": "https://security.gentoo.org/glsa/201507-05", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T19:11:37", "description": "Over 20 errors, including uninitialized memory access.", "edition": 2, "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "securityvulns", "title": "SQLite multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2015-05-05T00:00:00", "id": "SECURITYVULNS:VULN:14389", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14389", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:217\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : sqlite3\r\n Date : April 30, 2015\r\n Affected: Business Server 1.0, Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in sqlite3:\r\n \r\n SQLite before 3.8.9 does not properly implement the dequoting of\r\n collation-sequence names, which allows context-dependent attackers to\r\n cause a denial of service (uninitialized memory access and application\r\n crash) or possibly have unspecified other impact via a crafted COLLATE\r\n clause, as demonstrated by COLLATE at the end of a SELECT statement\r\n (CVE-2015-3414).\r\n \r\n The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9\r\n does not properly implement comparison operators, which allows\r\n context-dependent attackers to cause a denial of service (invalid\r\n free operation) or possibly have unspecified other impact via a\r\n crafted CHECK clause, as demonstrated by CHECK(0&amp;O&gt;O) in a CREATE\r\n TABLE statement (CVE-2015-3415).\r\n \r\n The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\r\n not properly handle precision and width values during floating-point\r\n conversions, which allows context-dependent attackers to cause a\r\n denial of service (integer overflow and stack-based buffer overflow)\r\n or possibly have unspecified other impact via large integers in a\r\n crafted printf function call in a SELECT statement (CVE-2015-3416).\r\n \r\n The updated packages provides a solution for these security issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212353\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212356\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212357\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n adb7e2731d814af7948c8a65662e7c71 mbs1/x86_64/lemon-3.8.9-1.mbs1.x86_64.rpm\r\n 8c9620460c62d0f7d07bd5fee68ac038 mbs1/x86_64/lib64sqlite3_0-3.8.9-1.mbs1.x86_64.rpm\r\n f060fd3ca68302f59e47e9bc1b336d4b mbs1/x86_64/lib64sqlite3-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 0fdd2e8a7456b51773b2a131534b9867 mbs1/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 14682c0d09a3dc73f4405ee136c6115d mbs1/x86_64/sqlite3-tcl-3.8.9-1.mbs1.x86_64.rpm\r\n c2fc81b9162865ecdcef85aaa805507f mbs1/x86_64/sqlite3-tools-3.8.9-1.mbs1.x86_64.rpm \r\n 474e6b9bc6a7299f8ab34a90893bbd96 mbs1/SRPMS/sqlite3-3.8.9-1.mbs1.src.rpm\r\n\r\n Mandriva Business Server 2/X86_64:\r\n 44c4a002a3480388751603981327a21d mbs2/x86_64/lemon-3.8.9-1.mbs2.x86_64.rpm\r\n 9d2ded51447e5f133c37257635ef4f22 mbs2/x86_64/lib64sqlite3_0-3.8.9-1.mbs2.x86_64.rpm\r\n 42c8fce0126487fa0a72b4f5f1b5e852 mbs2/x86_64/lib64sqlite3-devel-3.8.9-1.mbs2.x86_64.rpm\r\n a93c0f348006f6675779bf7cd5c9f547 mbs2/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs2.x86_64.rpm\r\n 792f42a7a38d7947e7b5d0ea67510de2 mbs2/x86_64/sqlite3-tcl-3.8.9-1.mbs2.x86_64.rpm\r\n 947e30fcb8c4f19b1398d6e29adc29ac mbs2/x86_64/sqlite3-tools-3.8.9-1.mbs2.x86_64.rpm \r\n 150cb2acc870d5ca8a343f21edef4248 mbs2/SRPMS/sqlite3-3.8.9-1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFVQdZEmqjQ0CJFipgRAvj9AJ9qeo094/bpIyYh46OHXWO6W26qUACg4mCP\r\nt5Ka/OioHfZ/AmIloxds0/s=\r\n=X45P\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "securityvulns", "title": "[ MDVSA-2015:217 ] sqlite3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3414"], "modified": "2015-05-05T00:00:00", "id": "SECURITYVULNS:DOC:31989", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31989", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:01", "description": "\r\n\r\nAPPLE-SA-2015-09-30-3 OS X El Capitan 10.11\r\n\r\nOS X El Capitan 10.11 is now available and addresses the following:\r\n\r\nAddress Book\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to inject arbitrary code to\r\nprocesses loading the Address Book framework\r\nDescription: An issue existed in Address Book framework's handling\r\nof an environment variable. This issue was addressed through improved\r\nenvironment variable handling.\r\nCVE-ID\r\nCVE-2015-5897 : Dan Bastone of Gotham Digital Science\r\n\r\nAirScan\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto extract payload from eSCL packets sent over a secure connection\r\nDescription: An issue existed in the processing of eSCL packets.\r\nThis issue was addressed through improved validation checks.\r\nCVE-ID\r\nCVE-2015-5853 : an anonymous researcher\r\n\r\napache_mod_php\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.5.27, including one which may have led to remote code execution.\r\nThis issue was addressed by updating PHP to version 5.5.27.\r\nCVE-ID\r\nCVE-2014-9425\r\nCVE-2014-9427\r\nCVE-2014-9652\r\nCVE-2014-9705\r\nCVE-2014-9709\r\nCVE-2015-0231\r\nCVE-2015-0232\r\nCVE-2015-0235\r\nCVE-2015-0273\r\nCVE-2015-1351\r\nCVE-2015-1352\r\nCVE-2015-2301\r\nCVE-2015-2305\r\nCVE-2015-2331\r\nCVE-2015-2348\r\nCVE-2015-2783\r\nCVE-2015-2787\r\nCVE-2015-3329\r\nCVE-2015-3330\r\n\r\nApple Online Store Kit\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may gain access to a user's keychain\r\nitems\r\nDescription: An issue existed in validation of access control lists\r\nfor iCloud keychain items. This issue was addressed through improved\r\naccess control list checks.\r\nCVE-ID\r\nCVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of\r\nIndiana University, Tongxin Li of Peking University, Tongxin Li of\r\nPeking University, Xiaolong Bai of Tsinghua University\r\n\r\nAppleEvents\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A user connected through screen sharing can send Apple\r\nEvents to a local user's session\r\nDescription: An issue existed with Apple Event filtering that\r\nallowed some users to send events to other users. This was addressed\r\nby improved Apple Event handling.\r\nCVE-ID\r\nCVE-2015-5849 : Jack Lawrence (@_jackhl)\r\n\r\nAudio\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\r\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\r\n\r\nbash\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in bash\r\nDescription: Multiple vulnerabilities existed in bash versions prior\r\nto 3.2 patch level 57. These issues were addressed by updating bash\r\nversion 3.2 to patch level 57.\r\nCVE-ID\r\nCVE-2014-6277\r\nCVE-2014-7186\r\nCVE-2014-7187\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT202858.\r\n\r\nCFNetwork Cookies\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a privileged network position can track a\r\nuser's activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation.\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork FTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in the handling of FTP packets when\r\nusing the PASV command. This issue was resolved through improved\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A maliciously crafted URL may be able to bypass HSTS and\r\nleak sensitive data\r\nDescription: A URL parsing vulnerability existed in HSTS handling.\r\nThis issue was addressed through improved URL parsing.\r\nCVE-ID\r\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious website may be able to track users in Safari\r\nprivate browsing mode\r\nDescription: An issue existed in the handling of HSTS state in\r\nSafari private browsing mode. This issue was addressed through\r\nimproved state handling.\r\nCVE-ID\r\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\r\n\r\nCFNetwork Proxies\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork SSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork SSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of RC4.\r\nAn attacker could force the use of RC4, even if the server preferred\r\nbetter ciphers, by blocking TLS 1.0 and higher connections until\r\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\r\naddressed by removing the fallback to SSL 3.0.\r\n\r\nCoreCrypto\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nDev Tools\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\nDev Tools\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam\r\n\r\nDisk Images\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\ndyld\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : TaiG Jailbreak Team\r\n\r\nEFI\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application can prevent some systems from\r\nbooting\r\nDescription: An issue existed with the addresses covered by the\r\nprotected range register. This issue was fixed by changing the\r\nprotected range.\r\nCVE-ID\r\nCVE-2015-5900 : Xeno Kovah & Corey Kallenberg from LegbaCore\r\n\r\nEFI\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious Apple Ethernet Thunderbolt adapter may be able\r\nto affect firmware flashing\r\nDescription: Apple Ethernet Thunderbolt adapters could modify the\r\nhost firmware if connected during an EFI update. This issue was\r\naddressed by not loading option ROMs during updates.\r\nCVE-ID\r\nCVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare\r\n\r\nFinder\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The "Secure Empty Trash" feature may not securely delete\r\nfiles placed in the Trash\r\nDescription: An issue existed in guaranteeing secure deletion of\r\nTrash files on some systems, such as those with flash storage. This\r\nissue was addressed by removing the "Secure Empty Trash" option.\r\nCVE-ID\r\nCVE-2015-5901 : Apple\r\n\r\nGame Center\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious Game Center application may be able to access a\r\nplayer's email address\r\nDescription: An issue existed in Game Center in the handling of a\r\nplayer's email. This issue was addressed through improved access\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-5855 : Nasser Alnasser\r\n\r\nHeimdal\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to replay Kerberos credentials to\r\nthe SMB server\r\nDescription: An authentication issue existed in Kerberos\r\ncredentials. This issue was addressed through additional validation\r\nof credentials using a list of recently seen credentials.\r\nCVE-ID\r\nCVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu\r\nFan of Microsoft Corporation, China\r\n\r\nICU\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2014-8147\r\nCVE-2015-5922\r\n\r\nInstall Framework Legacy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to gain root privileges\r\nDescription: A restriction issue existed in the Install private\r\nframework containing a privileged executable. This issue was\r\naddressed by removing the executable.\r\nCVE-ID\r\nCVE-2015-5888 : Apple\r\n\r\nIntel Graphics Driver\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Multiple memory corruption issues existed in the Intel\r\nGraphics Driver. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5830 : Yuki MIZUNO (@mzyy94)\r\nCVE-2015-5877 : Camillus Gerard Cai\r\n\r\nIOAudioFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in IOAudioFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed by\r\npermuting kernel pointers.\r\nCVE-ID\r\nCVE-2015-5864 : Luca Todesco\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: Multiple memory corruption issues existed in the\r\nkernel. These issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5871 : Ilja van Sprundel of IOActive\r\nCVE-2015-5872 : Ilja van Sprundel of IOActive\r\nCVE-2015-5873 : Ilja van Sprundel of IOActive\r\nCVE-2015-5890 : Ilja van Sprundel of IOActive\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOGraphics which could have led to\r\nthe disclosure of kernel memory layout. This issue was addressed\r\nthrough improved memory management.\r\nCVE-ID\r\nCVE-2015-5865 : Luca Todesco\r\n\r\nIOHIDFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: Multiple memory corruption issues existed in\r\nIOHIDFamily. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5866 : Apple\r\nCVE-2015-5867 : moony li of Trend Micro\r\n\r\nIOStorageFamily\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: Multiple memory corruption issues existed in the\r\nKernel. These issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through additional\r\nentitlement checks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by\r\nMing-chieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. These issues were addressed through improved\r\ngeneration of stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker may be able to launch denial of service attacks\r\non targeted TCP connections without knowing the correct sequence\r\nnumber\r\nDescription: An issue existed in xnu's validation of TCP packet\r\nheaders. This issue was addressed through improved TCP packet header\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5879 : Jonathan Looney\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in the\r\nhandling of IPv6 router advertisements that allowed an attacker to\r\nset the hop limit to an arbitrary value. This issue was addressed by\r\nenforcing a minimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory layout. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in debugging interfaces that led to\r\nthe disclosure of memory content. This issue was addressed by\r\nsanitizing output from debugging interfaces.\r\nCVE-ID\r\nCVE-2015-5870 : Apple\r\n\r\nKernel\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A state management issue existed in debugging\r\nfunctionality. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team\r\n\r\nlibc\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\r\nCorporation\r\n\r\nlibpthread\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nlibxpc\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Many SSH connections could cause a denial of service\r\nDescription: launchd had no limit on the number of processes that\r\ncould be started by a network connection. This issue was addressed by\r\nlimiting the number of SSH processes to 40.\r\nCVE-ID\r\nCVE-2015-5881 : Apple\r\n\r\nLogin Window\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The screen lock may not engage after the specified time\r\nperiod\r\nDescription: An issue existed with captured display locking. The\r\nissue was addressed through improved lock handling.\r\nCVE-ID\r\nCVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau\r\ninformationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni\r\nVaahtera, and an anonymous researcher\r\n\r\nlukemftpd\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A remote attacker may be able to deny service to the FTP\r\nserver\r\nDescription: A glob-processing issue existed in tnftpd. This issue\r\nwas addressed through improved glob validation.\r\nCVE-ID\r\nCVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com\r\n\r\nMail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Printing an email may leak sensitive user information\r\nDescription: An issue existed in Mail which bypassed user\r\npreferences when printing an email. This issue was addressed through\r\nimproved user preference enforcement.\r\nCVE-ID\r\nCVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya,\r\nDennis Klein from Eschenburg, Germany, Jeff Hammett of Systim\r\nTechnology Partners\r\n\r\nMail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nintercept attachments of S/MIME-encrypted e-mail sent via Mail Drop\r\nDescription: An issue existed in handling encryption parameters for\r\nlarge email attachments sent via Mail Drop. The issue is addressed by\r\nno longer offering Mail Drop when sending an encrypted e-mail.\r\nCVE-ID\r\nCVE-2015-5884 : John McCombs of Integrated Mapping Ltd\r\n\r\nMultipeer Connectivity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may be able to observe unprotected\r\nmultipeer data\r\nDescription: An issue existed in convenience initializer handling in\r\nwhich encryption could be actively downgraded to a non-encrypted\r\nsession. This issue was addressed by changing the convenience\r\ninitializer to require encryption.\r\nCVE-ID\r\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\r\n\r\nNetworkExtension\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An uninitialized memory issue in the kernel led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved memory initialization.\r\nCVE-ID\r\nCVE-2015-5831 : Maxime Villard of m00nbsd\r\n\r\nNotes\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to leak sensitive user information\r\nDescription: An issue existed in parsing links in the Notes\r\napplication. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher\r\n\r\nNotes\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to leak sensitive user information\r\nDescription: A cross-site scripting issue existed in parsing text by\r\nthe Notes application. This issue was addressed through improved\r\ninput validation.\r\nCVE-ID\r\nCVE-2015-5875 : xisigr of Tencent's Xuanwu LAB (www.tencent.com)\r\n\r\nOpenSSH\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in OpenSSH\r\nDescription: Multiple vulnerabilities existed in OpenSSH versions\r\nprior to 6.9. These issues were addressed by updating OpenSSH to\r\nversion 6.9.\r\nCVE-ID\r\nCVE-2014-2532\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-0286\r\nCVE-2015-0287\r\n\r\nprocmail\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in procmail\r\nDescription: Multiple vulnerabilities existed in procmail versions\r\nprior to 3.22. These issues were addressed by removing procmail.\r\nCVE-ID\r\nCVE-2014-3618\r\n\r\nremote_cmds\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with root\r\nprivileges\r\nDescription: An issue existed in the usage of environment variables\r\nby the rsh binary. This issue was addressed by dropping setuid\r\nprivileges from the rsh binary.\r\nCVE-ID\r\nCVE-2015-5889 : Philip Pettersson\r\n\r\nremovefile\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nRuby\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in Ruby\r\nDescription: Multiple vulnerabilities existed in Ruby versions prior\r\nto 2.0.0p645. These were addressed by updating Ruby to version\r\n2.0.0p645.\r\nCVE-ID\r\nCVE-2014-8080\r\nCVE-2014-8090\r\nCVE-2015-1855\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: The lock state of the keychain may be incorrectly displayed\r\nto the user\r\nDescription: A state management issue existed in the way keychain\r\nlock status was tracked. This issue was addressed through improved\r\nstate management.\r\nCVE-ID\r\nCVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron,\r\nEric E. Lawrence, Apple\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A trust evaluation configured to require revocation checking\r\nmay succeed even if revocation checking fails\r\nDescription: The kSecRevocationRequirePositiveResponse flag was\r\nspecified but not implemented. This issue was addressed by\r\nimplementing the flag.\r\nCVE-ID\r\nCVE-2015-5894 : Hannes Oud of kWallet GmbH\r\n\r\nSecurity\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A remote server may prompt for a certificate before\r\nidentifying itself\r\nDescription: Secure Transport accepted the CertificateRequest\r\nmessage before the ServerKeyExchange message. This issue was\r\naddressed by requiring the ServerKeyExchange first.\r\nCVE-ID\r\nCVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\r\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\r\nINRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of\r\nMicrosoft Research, Pierre-Yves Strub of IMDEA Software Institute\r\n\r\nSMB\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5891 : Ilja van Sprundel of IOActive\r\n\r\nSMB\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in SMBClient that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-5893 : Ilja van Sprundel of IOActive\r\n\r\nSQLite\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-3414\r\nCVE-2015-3415\r\nCVE-2015-3416\r\n\r\nTelephony\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker can place phone calls without the user's\r\nknowledge when using Continuity\r\nDescription: An issue existed in the authorization checks for\r\nplacing phone calls. This issue was addressed through improved\r\nauthorization checks.\r\nCVE-ID\r\nCVE-2015-3785 : Dan Bastone of Gotham Digital Science\r\n\r\nTerminal\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Maliciously crafted text could mislead the user in Terminal\r\nDescription: Terminal did not handle bidirectional override\r\ncharacters in the same way when displaying text and when selecting\r\ntext. This issue was addressed by suppressing bidirectional override\r\ncharacters in Terminal.\r\nCVE-ID\r\nCVE-2015-5883 : an anonymous researcher\r\n\r\ntidy\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in tidy.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\nTime Machine\r\nAvailable for: Mac OS X v10.6.8 and later\r\nImpact: A local attacker may gain access to keychain items\r\nDescription: An issue existed in backups by the Time Machine\r\nframework. This issue was addressed through improved coverage of Time\r\nMachine backups.\r\nCVE-ID\r\nCVE-2015-5854 : Jonas Magazinius of Assured AB\r\n\r\nNote: OS X El Capitan 10.11 includes the security content of\r\nSafari 9: https://support.apple.com/kb/HT205265.\r\n\r\nOS X El Capitan 10.11 may be obtained from the Mac App Store:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-05T00:00:00", "type": "securityvulns", "title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-5883", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-5903", "CVE-2015-0235", "CVE-2015-2783", "CVE-2015-5877", "CVE-2015-3785", "CVE-2015-5847", "CVE-2014-9427", "CVE-2015-3329", "CVE-2015-3415", "CVE-2015-3330", "CVE-2015-5922", "CVE-2015-5865", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5888", "CVE-2015-5874", "CVE-2015-5860", "CVE-2015-1855", "CVE-2014-3618", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-5868", "CVE-2015-5872", "CVE-2015-5839", "CVE-2015-5840", "CVE-2014-6277", "CVE-2014-9425", "CVE-2014-9709", "CVE-2015-2305", "CVE-2015-5873", "CVE-2015-0273", "CVE-2015-5875", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5912", "CVE-2015-2331", "CVE-2015-5870", "CVE-2015-5913", "CVE-2015-5841", "CVE-2015-5894", "CVE-2015-5881", "CVE-2014-2532", "CVE-2015-5831", "CVE-2014-8147", "CVE-2015-5878", "CVE-2015-5855", "CVE-2014-8611", "CVE-2015-5871", "CVE-2015-5866", "CVE-2015-5901", "CVE-2014-8090", "CVE-2015-5824", "CVE-2015-5884", "CVE-2015-3416", "CVE-2015-5889", "CVE-2015-5867", "CVE-2015-5836", "CVE-2015-5915", "CVE-2015-5900", "CVE-2015-5890", "CVE-2014-7187", "CVE-2014-8146", "CVE-2015-5854", "CVE-2015-3414", "CVE-2014-9652", "CVE-2015-5523", "CVE-2015-5885", "CVE-2013-3951", "CVE-2015-5893", "CVE-2015-5917", "CVE-2014-8080", "CVE-2015-1351", "CVE-2015-5887", "CVE-2015-5902", "CVE-2015-0287", "CVE-2015-5853", "CVE-2015-5897", "CVE-2015-5830", "CVE-2015-5849", "CVE-2015-5896", "CVE-2015-5833", "CVE-2015-5863", "CVE-2015-0231", "CVE-2015-5864", "CVE-2014-7186", "CVE-2015-5891", "CVE-2015-5914", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32522", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32522", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:07", "description": "Code execution, information disclosure, restrictions bypass, multiple memory corruptions, multiple libraries vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2015-10-25T00:00:00", "type": "securityvulns", "title": "Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-5883", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-5903", "CVE-2015-6976", "CVE-2015-7007", "CVE-2015-0235", "CVE-2015-2783", "CVE-2015-5877", "CVE-2015-5927", "CVE-2015-3785", "CVE-2015-5847", "CVE-2014-9427", "CVE-2015-3329", "CVE-2015-6975", "CVE-2015-3415", "CVE-2015-7035", "CVE-2015-3330", "CVE-2015-6987", "CVE-2015-5922", "CVE-2015-5865", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-7003", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5924", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5888", "CVE-2015-6983", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-6834", "CVE-2015-6991", "CVE-2015-5860", "CVE-2015-1855", "CVE-2015-7020", "CVE-2014-3618", "CVE-2015-6994", "CVE-2015-1352", "CVE-2015-7016", "CVE-2015-6992", "CVE-2015-2301", "CVE-2015-7021", "CVE-2015-6977", "CVE-2015-5868", "CVE-2014-3565", "CVE-2015-5872", "CVE-2015-5839", "CVE-2015-5840", "CVE-2014-6277", "CVE-2014-9425", "CVE-2014-9709", "CVE-2015-2305", "CVE-2012-6151", "CVE-2015-5934", "CVE-2015-5873", "CVE-2015-5940", "CVE-2015-5932", "CVE-2015-0273", "CVE-2015-5875", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5912", "CVE-2015-6985", "CVE-2015-2331", "CVE-2015-5870", "CVE-2015-5935", "CVE-2015-5722", "CVE-2015-7010", "CVE-2015-5945", "CVE-2015-6984", "CVE-2015-7008", "CVE-2015-5841", "CVE-2015-5894", "CVE-2015-5881", "CVE-2014-2532", "CVE-2015-5831", "CVE-2014-8147", "CVE-2015-5937", "CVE-2015-5878", "CVE-2015-5855", "CVE-2015-7023", "CVE-2014-8611", "CVE-2015-6993", "CVE-2015-5871", "CVE-2015-5866", "CVE-2015-5901", "CVE-2014-8090", "CVE-2015-6836", "CVE-2015-5884", "CVE-2015-3416", "CVE-2015-5936", "CVE-2015-5889", "CVE-2015-5867", "CVE-2015-5836", "CVE-2015-6989", "CVE-2015-5915", "CVE-2015-5900", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-5890", "CVE-2014-7187", "CVE-2014-8146", "CVE-2015-5854", "CVE-2015-6990", "CVE-2015-3414", "CVE-2015-7009", "CVE-2014-9652", "CVE-2015-7031", "CVE-2015-6988", "CVE-2015-5523", "CVE-2015-5986", "CVE-2015-5943", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-6837", "CVE-2013-3951", "CVE-2015-6563", "CVE-2015-5944", "CVE-2015-5893", "CVE-2015-5917", "CVE-2014-8080", "CVE-2015-1351", "CVE-2015-5524", "CVE-2015-5887", "CVE-2015-5902", "CVE-2015-5925", "CVE-2015-5938", "CVE-2015-0287", "CVE-2015-6974", "CVE-2015-5853", "CVE-2015-6835", "CVE-2015-5897", "CVE-2015-5830", "CVE-2015-5849", "CVE-2015-5896", "CVE-2015-5833", "CVE-2015-5863", "CVE-2015-0231", "CVE-2015-5864", "CVE-2014-7186", "CVE-2015-5891", "CVE-2015-7019", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5914", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-6838", "CVE-2015-5933"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14702", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2022-11-01T21:21:21", "description": "**Issue Overview:**\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416)\n\n \n**Affected Packages:** \n\n\nsqlite\n\n \n**Issue Correction:** \nRun _yum update sqlite_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 sqlite-tcl-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-devel-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 lemon-3.7.17-6.13.amzn1.i686 \n \u00a0\u00a0\u00a0 sqlite-debuginfo-3.7.17-6.13.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 sqlite-doc-3.7.17-6.13.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 sqlite-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-devel-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 lemon-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-tcl-3.7.17-6.13.amzn1.x86_64 \n \u00a0\u00a0\u00a0 sqlite-debuginfo-3.7.17-6.13.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-3416](<https://access.redhat.com/security/cve/CVE-2015-3416>)\n\nMitre: [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416>)\n", "cvss3": {}, "published": "2015-09-02T12:00:00", "type": "amazon", "title": "Medium: sqlite", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-09-02T12:00:00", "id": "ALAS-2015-591", "href": "https://alas.aws.amazon.com/ALAS-2015-591.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-01T21:22:55", "description": "**Issue Overview:**\n\nUpstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4 users are encouraged to upgrade to this version. Please see the <a href=\"http://php.net/ChangeLog-5.php#5.4.42\">upstream release notes</a> for full details.\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php54-mssql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-devel-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xml-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-imap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-tidy-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-dba-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-common-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-intl-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-soap-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-fpm-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-recode-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-process-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-gd-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.42-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-cli-5.4.42-1.71.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php54-tidy-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-gd-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-process-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-devel-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xml-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-recode-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-imap-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-cli-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-intl-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-fpm-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mssql-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-dba-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-common-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.42-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-soap-5.4.42-1.71.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:39:00", "type": "amazon", "title": "Medium: php54", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:41:00", "id": "ALAS-2015-561", "href": "https://alas.aws.amazon.com/ALAS-2015-561.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-01T21:22:51", "description": "**Issue Overview:**\n\nUpstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users are encouraged to upgrade to this version. Please see the <a href=\"http://php.net/ChangeLog-5.php#5.6.10\">upstream release notes</a> for full details.\n\n \n**Affected Packages:** \n\n\nphp56\n\n \n**Issue Correction:** \nRun _yum update php56_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php56-intl-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-enchant-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-snmp-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-fpm-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pgsql-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mssql-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-dba-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-odbc-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mysqlnd-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mbstring-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-tidy-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pdo-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-gd-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-pspell-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-recode-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-opcache-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-embedded-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-dbg-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-gmp-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-debuginfo-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-common-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-ldap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-bcmath-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-soap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-devel-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-mcrypt-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-imap-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-xml-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-cli-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-process-5.6.10-1.115.amzn1.i686 \n \u00a0\u00a0\u00a0 php56-xmlrpc-5.6.10-1.115.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php56-common-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-dba-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mbstring-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-enchant-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-debuginfo-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-devel-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-process-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-odbc-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-xml-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-bcmath-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-imap-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-embedded-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-dbg-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pgsql-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-ldap-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-xmlrpc-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mysqlnd-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-recode-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-gmp-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-intl-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mcrypt-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-mssql-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-snmp-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pspell-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-cli-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-fpm-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-gd-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-pdo-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-tidy-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-opcache-5.6.10-1.115.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php56-soap-5.6.10-1.115.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-2325](<https://access.redhat.com/security/cve/CVE-2015-2325>), [CVE-2015-2326](<https://access.redhat.com/security/cve/CVE-2015-2326>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-2325](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325>), [CVE-2015-2326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:40:00", "type": "amazon", "title": "Medium: php56", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:39:00", "id": "ALAS-2015-563", "href": "https://alas.aws.amazon.com/ALAS-2015-563.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-01T21:22:53", "description": "**Issue Overview:**\n\nUpstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users are encouraged to upgrade to this version. Please see the <a href=\"http://php.net/ChangeLog-5.php#5.5.26\">upstream release notes</a> for full details.\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php55-cli-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-dba-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-common-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xml-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-recode-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-intl-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-devel-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gd-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-soap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-imap-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pdo-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-process-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pspell-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.26-1.103.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.26-1.103.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php55-pspell-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-imap-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-cli-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gd-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-process-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-devel-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-common-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xml-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-recode-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pdo-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-intl-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-dba-5.5.26-1.103.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-soap-5.5.26-1.103.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3416](<https://access.redhat.com/security/cve/CVE-2014-3416>), [CVE-2015-2325](<https://access.redhat.com/security/cve/CVE-2015-2325>), [CVE-2015-2326](<https://access.redhat.com/security/cve/CVE-2015-2326>), [CVE-2015-3414](<https://access.redhat.com/security/cve/CVE-2015-3414>), [CVE-2015-3415](<https://access.redhat.com/security/cve/CVE-2015-3415>), [CVE-2015-4642](<https://access.redhat.com/security/cve/CVE-2015-4642>), [CVE-2015-4643](<https://access.redhat.com/security/cve/CVE-2015-4643>), [CVE-2015-4644](<https://access.redhat.com/security/cve/CVE-2015-4644>)\n\nMitre: [CVE-2014-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3416>), [CVE-2015-2325](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325>), [CVE-2015-2326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326>), [CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>), [CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>), [CVE-2015-4642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642>), [CVE-2015-4643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643>), [CVE-2015-4644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-07T12:40:00", "type": "amazon", "title": "Medium: php55", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2015-07-07T22:40:00", "id": "ALAS-2015-562", "href": "https://alas.aws.amazon.com/ALAS-2015-562.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2023-01-01T04:43:29", "description": "**CentOS Errata and Security Advisory** CESA-2015:1635\n\n\nSQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-August/070812.html\n\n**Affected packages:**\nlemon\nsqlite\nsqlite-devel\nsqlite-doc\nsqlite-tcl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1635", "cvss3": {}, "published": "2015-08-17T16:54:44", "type": "centos", "title": "lemon, sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2015-08-17T16:54:44", "id": "CESA-2015:1635", "href": "https://lists.centos.org/pipermail/centos-announce/2015-August/070812.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-01T04:43:28", "description": "**CentOS Errata and Security Advisory** CESA-2015:1634\n\n\nSQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-August/070807.html\n\n**Affected packages:**\nlemon\nsqlite\nsqlite-devel\nsqlite-doc\nsqlite-tcl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1634", "cvss3": {}, "published": "2015-08-17T15:33:32", "type": "centos", "title": "lemon, sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2015-08-17T15:33:32", "id": "CESA-2015:1634", "href": "https://lists.centos.org/pipermail/centos-announce/2015-August/070807.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:25:15", "description": "### *Detect date*:\n04/24/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple integer and buffer overflows were found in SQLite. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impact. These vulnerabilities can be exploited remotely via a specially designed input.\n\n### *Affected products*:\nSQLite versions earlier than 3.8.9\n\n### *Solution*:\nUpdate to the latest version \n[Get SQLite](<http://www.sqlite.org/download.html>)\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[SQLite](<https://threats.kaspersky.com/en/product/SQLite/>)\n\n### *CVE-IDS*:\n[CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>)7.5Critical \n[CVE-2015-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416>)7.5Critical \n[CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>)7.5Critical", "cvss3": {}, "published": "2015-04-24T00:00:00", "type": "kaspersky", "title": "KLA10565 Denial of service vulnerabilities in SQLite", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2020-06-03T00:00:00", "id": "KLA10565", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10565/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-27T14:19:19", "description": "From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : sqlite (ELSA-2015-1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:lemon", "p-cpe:/a:oracle:linux:sqlite", "p-cpe:/a:oracle:linux:sqlite-devel", "p-cpe:/a:oracle:linux:sqlite-doc", "p-cpe:/a:oracle:linux:sqlite-tcl", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85491", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# Oracle Linux Security Advisory ELSA-2015-1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85491);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"Oracle Linux 7 : sqlite (ELSA-2015-1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-August/005344.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:29", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "RHEL 7 : sqlite (RHSA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:lemon", "p-cpe:/a:redhat:enterprise_linux:sqlite", "p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo", "p-cpe:/a:redhat:enterprise_linux:sqlite-devel", "p-cpe:/a:redhat:enterprise_linux:sqlite-doc", "p-cpe:/a:redhat:enterprise_linux:sqlite-tcl", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85496);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"RHEL 7 : sqlite (RHSA-2015:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3414\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1635\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:30", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:lemon", "p-cpe:/a:fermilab:scientific_linux:sqlite", "p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo", "p-cpe:/a:fermilab:scientific_linux:sqlite-devel", "p-cpe:/a:fermilab:scientific_linux:sqlite-doc", "p-cpe:/a:fermilab:scientific_linux:sqlite-tcl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150817_SQLITE_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85502);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=15216\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?212022ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:07", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "CentOS 7 : sqlite (CESA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:lemon", "p-cpe:/a:centos:centos:sqlite", "p-cpe:/a:centos:centos:sqlite-devel", "p-cpe:/a:centos:centos:sqlite-doc", "p-cpe:/a:centos:centos:sqlite-tcl", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# CentOS Errata and Security Advisory 2015:1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85463);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"CentOS 7 : sqlite (CESA-2015:1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df1770c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3414\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:17:23", "description": "The remote host is affected by the vulnerability described in GLSA-201507-05 (SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could possibly cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "GLSA-201507-05 : SQLite: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sqlite", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-05.NASL", "href": "https://www.tenable.com/plugins/nessus/84604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84604);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"GLSA\", value:\"201507-05\");\n\n script_name(english:\"GLSA-201507-05 : SQLite: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-05\n(SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly cause a Denial of Service\n condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SQLite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/sqlite-3.8.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/sqlite\", unaffected:make_list(\"ge 3.8.9\"), vulnerable:make_list(\"lt 3.8.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SQLite\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:43", "description": "NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE'''''''' at the end of a SELECT statement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:sqlite3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "href": "https://www.tenable.com/plugins/nessus/82893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82893);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE'''''''' at the end of a SELECT\nstatement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE\nstatement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/eddc05e7bb31fae7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/02e3c88fbf6abdcf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/c494171f77dc2e5e\"\n );\n # http://seclists.org/fulldisclosure/2015/Apr/31\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/fulldisclosure/2015/Apr/31\"\n );\n # https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?972e9809\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"sqlite3<3.8.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:15:48", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-07T00:00:00", "type": "nessus", "title": "Debian DSA-3252-1 : sqlite3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:sqlite3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3252.NASL", "href": "https://www.tenable.com/plugins/nessus/83273", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3252. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83273);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"DSA\", value:\"3252\");\n\n script_name(english:\"Debian DSA-3252-1 : sqlite3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/sqlite3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3252\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the sqlite3 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.8.7.1-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"lemon\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0-dbg\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-dev\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-tcl\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3-doc\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:28", "description": "Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement (CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE statement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lemon", "p-cpe:/a:mandriva:linux:lib64sqlite3-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3_0", "p-cpe:/a:mandriva:linux:sqlite3-tcl", "p-cpe:/a:mandriva:linux:sqlite3-tools", "cpe:/o:mandriva:business_server:1", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-217.NASL", "href": "https://www.tenable.com/plugins/nessus/83169", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:217. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83169);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"MDVSA\", value:\"2015:217\");\n\n script_name(english:\"Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE at the end of a SELECT statement\n(CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE\nstatement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212357\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs1\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:20:02", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-09-03T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : sqlite (ALAS-2015-591)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:lemon", "p-cpe:/a:amazon:linux:sqlite", "p-cpe:/a:amazon:linux:sqlite-debuginfo", "p-cpe:/a:amazon:linux:sqlite-devel", "p-cpe:/a:amazon:linux:sqlite-doc", "p-cpe:/a:amazon:linux:sqlite-tcl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-591.NASL", "href": "https://www.tenable.com/plugins/nessus/85749", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-591.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85749);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"ALAS\", value:\"2015-591\");\n\n script_name(english:\"Amazon Linux AMI : sqlite (ALAS-2015-591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update sqlite' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"lemon-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-debuginfo-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-devel-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-doc-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-tcl-3.7.17-6.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:18:24", "description": "It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison operators. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision and width values during floating-point conversions. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7443", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2698-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85156", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2698-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85156);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"USN\", value:\"2698-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that SQLite incorrectly handled skip-scan\noptimization. An attacker could use this issue to cause applications\nusing SQLite to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting\nof collation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented\ncomparison operators. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf\nprecision and width values during floating-point conversions. An\nattacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2698-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsqlite3-0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.7.9-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.2-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.7.4-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsqlite3-0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:17:24", "description": "Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416). All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2015-561)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php54", "p-cpe:/a:amazon:linux:php54-bcmath", "p-cpe:/a:amazon:linux:php54-cli", "p-cpe:/a:amazon:linux:php54-common", "p-cpe:/a:amazon:linux:php54-dba", "p-cpe:/a:amazon:linux:php54-debuginfo", "p-cpe:/a:amazon:linux:php54-devel", "p-cpe:/a:amazon:linux:php54-embedded", "p-cpe:/a:amazon:linux:php54-enchant", "p-cpe:/a:amazon:linux:php54-fpm", "p-cpe:/a:amazon:linux:php54-gd", "p-cpe:/a:amazon:linux:php54-imap", "p-cpe:/a:amazon:linux:php54-intl", "p-cpe:/a:amazon:linux:php54-ldap", "p-cpe:/a:amazon:linux:php54-mbstring", "p-cpe:/a:amazon:linux:php54-mcrypt", "p-cpe:/a:amazon:linux:php54-mssql", "p-cpe:/a:amazon:linux:php54-mysql", "p-cpe:/a:amazon:linux:php54-mysqlnd", "p-cpe:/a:amazon:linux:php54-odbc", "p-cpe:/a:amazon:linux:php54-pdo", "p-cpe:/a:amazon:linux:php54-pgsql", "p-cpe:/a:amazon:linux:php54-process", "p-cpe:/a:amazon:linux:php54-pspell", "p-cpe:/a:amazon:linux:php54-recode", "p-cpe:/a:amazon:linux:php54-snmp", "p-cpe:/a:amazon:linux:php54-soap", "p-cpe:/a:amazon:linux:php54-tidy", "p-cpe:/a:amazon:linux:php54-xml", "p-cpe:/a:amazon:linux:php54-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-561.NASL", "href": "https://www.tenable.com/plugins/nessus/84623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-561.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84623);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-561\");\n\n script_name(english:\"Amazon Linux AMI : php54 (ALAS-2015-561)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that six security-related issues in PHP were fixed in\nthis release, as well as several security issues in bundled sqlite\nlibrary (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416). All PHP 5.4\nusers are encouraged to upgrade to this version. Please see the\nupstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.4.42\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-561.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php54' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php54-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-bcmath-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-cli-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-common-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-dba-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-debuginfo-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-devel-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-embedded-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-enchant-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-fpm-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-gd-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-imap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-intl-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-ldap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mbstring-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mcrypt-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mssql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysqlnd-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-odbc-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pdo-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pgsql-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-process-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pspell-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-recode-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-snmp-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-soap-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-tidy-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xml-5.4.42-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xmlrpc-5.4.42-1.71.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php54 / php54-bcmath / php54-cli / php54-common / php54-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:19", "description": "Versions of PHP 5.5.x prior to 5.5.26, or 5.6.x prior to 5.6.10 are exposed to the following vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the 'compile_branch()' and 'pcre_compile2()' functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414)\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the 'sqlite3VdbeExec()' function in 'vdbe.c'. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the 'sqlite3VXPrintf()' function in 'printf.c'. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions. (CVE-2015-4598)\n - An arbitrary command injection vulnerability exists due to a flaw in the 'php_escape_shell_arg()' function in 'exec.c'. A remote attacker can exploit this, via the 'escapeshellarg()' PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n - A heap buffer overflow condition exists in the 'ftp_genlist()' function in 'ftp.c'. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643)\n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the 'build_tablename()' function in 'pgsql.c'. An authenticated, remote attacker can exploit this to cause an application crash. (CVE-2015-4644)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-18T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.26 / 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8787.PRM", "href": "https://www.tenable.com/plugins/nnm/8787", "sourceData": "Binary data 8787.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:22", "description": "According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\\\0' character with a safe file extension, to bypass access restrictions. (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash. (CVE-2015-4644)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98802", "href": "https://www.tenable.com/plugins/was/98802", "sourceData": "No source data", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:38:08", "description": "According to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.26. It is, therefore, affected by multiple vulnerabilities : \n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_26.NASL", "href": "https://www.tenable.com/plugins/nessus/84363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84363);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.5.x < 5.5.26 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x running on the\nremote web server is prior to 5.5.26. It is, therefore, affected by\nmultiple vulnerabilities : \n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.26 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|2[0-5])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.5.26' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:16:48", "description": "According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_10.NASL", "href": "https://www.tenable.com/plugins/nessus/84364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84364);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.6.x < 5.6.10 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x running on the\nremote web server is prior to 5.6.10. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[0-9]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.6.10' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:16:58", "description": "According to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.42. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the '\\0' character with a safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due to a flaw in the php_escape_shell_arg() function in exec.c. A remote attacker can exploit this, via the escapeshellarg() PHP method, to inject arbitrary operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the ftp_genlist() function in ftp.c. due to improper validation of user-supplied input. A remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-4643) \n - A denial of service vulnerability exists due to a NULL pointer dereference flaw in the build_tablename() function in pgsql.c. An authenticated, remote attacker can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-24T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.42 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_42.NASL", "href": "https://www.tenable.com/plugins/nessus/84362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84362);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n\n script_name(english:\"PHP 5.4.x < 5.4.42 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x running on the\nremote web server is prior to 5.4.42. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist in the\n bundled Perl-Compatible Regular Expression (PCRE)\n library due to improper validation of user-supplied\n input to the compile_branch() and pcre_compile2()\n functions. A remote attacker can exploit these\n conditions to cause a heap-based buffer overflow,\n resulting in a denial of service condition or the\n execution of arbitrary code. (CVE-2015-2325,\n CVE-2015-2326)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of quotes\n in collation sequence names. A remote attacker can\n exploit this to cause uninitialized memory access,\n resulting in denial of service condition.\n (CVE-2015-3414)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to an improper implementation of\n comparison operators in the sqlite3VdbeExec() function\n in vdbe.c. A remote attacker can exploit this to cause\n an invalid free operation, resulting in a denial of\n service condition. (CVE-2015-3415)\n\n - A denial of service vulnerability exists in the bundled\n SQLite component due to improper handling of precision\n and width values during floating-point conversions in\n the sqlite3VXPrintf() function in printf.c. A remote\n attacker can exploit this to cause a stack-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2015-3416)\n\n - A security bypass vulnerability exists due to a failure\n in multiple extensions to check for NULL bytes in a path\n when processing or reading a file. A remote attacker can\n exploit this, by combining the '\\0' character with a\n safe file extension, to bypass access restrictions.\n (CVE-2015-4598)\n\n - An arbitrary command injection vulnerability exists due\n to a flaw in the php_escape_shell_arg() function in\n exec.c. A remote attacker can exploit this, via the\n escapeshellarg() PHP method, to inject arbitrary\n operating system commands. (CVE-2015-4642)\n\n - A heap buffer overflow condition exists in the\n ftp_genlist() function in ftp.c. due to improper\n validation of user-supplied input. A remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2015-4643)\n \n - A denial of service vulnerability exists due to a NULL\n pointer dereference flaw in the build_tablename()\n function in pgsql.c. An authenticated, remote attacker\n can exploit this to cause an application crash.\n (CVE-2015-4644)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.4.42\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.42 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[1-3][0-9]|4[01])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.4.42' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:18:24", "description": "Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2015-562)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-bcmath", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-mysqlnd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-562.NASL", "href": "https://www.tenable.com/plugins/nessus/84624", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-562.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84624);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-562\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2015-562)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that several bugs have been fixed as well as several\nsecurity issues into some bundled libraries (CVE-2015-3414 ,\nCVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All\nPHP 5.5 users are encouraged to upgrade to this version. Please see\nthe upstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.26\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-562.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.26-1.103.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.26-1.103.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:18:13", "description": "Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php56 (ALAS-2015-563)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3416", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-563.NASL", "href": "https://www.tenable.com/plugins/nessus/84625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-563.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84625);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3416\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_xref(name:\"ALAS\", value:\"2015-563\");\n\n script_name(english:\"Amazon Linux AMI : php56 (ALAS-2015-563)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream reports that several bugs have been fixed as well as several\nsecurity issues into some bundled libraries (CVE-2015-3414 ,\nCVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326). All\nPHP 5.6 users are encouraged to upgrade to this version. Please see\nthe upstream release notes for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.6.10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-563.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.10-1.115.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.10-1.115.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:17:39", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-20T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3152", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-198-02.NASL", "href": "https://www.tenable.com/plugins/nessus/84830", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-198-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84830);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-3152\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-4642\", \"CVE-2015-4643\", \"CVE-2015-4644\");\n script_bugtraq_id(74228, 75174, 75175, 75290, 75291, 75292);\n script_xref(name:\"SSA\", value:\"2015-198-02\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 14.0, 14.1, and -current\nto fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.420251\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72457f25\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/17\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.43\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.6.11\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.11\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:52", "description": "An updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "RHEL 6 : sqlite (RHSA-2015:1634)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:lemon", "p-cpe:/a:redhat:enterprise_linux:sqlite", "p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo", "p-cpe:/a:redhat:enterprise_linux:sqlite-devel", "p-cpe:/a:redhat:enterprise_linux:sqlite-doc", "p-cpe:/a:redhat:enterprise_linux:sqlite-tcl", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2015-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/85495", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1634. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85495);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1634\");\n\n script_name(english:\"RHEL 6 : sqlite (RHSA-2015:1634)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3416\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1634\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"sqlite-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"sqlite-debuginfo-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"sqlite-devel-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:43", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Add patch for compiler warnings highlighted by rpmdiff.\n Related: rhbz#1244727\n\n - fix for (CVE-2015-3416) Resolves: #1244727", "cvss3": {}, "published": "2015-08-19T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : sqlite (OVMSA-2015-0115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:sqlite", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0115.NASL", "href": "https://www.tenable.com/plugins/nessus/85527", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0115.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85527);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3416\");\n script_bugtraq_id(74228);\n\n script_name(english:\"OracleVM 3.3 : sqlite (OVMSA-2015-0115)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Add patch for compiler warnings highlighted by rpmdiff.\n Related: rhbz#1244727\n\n - fix for (CVE-2015-3416) Resolves: #1244727\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-August/000363.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cceb7b53\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"sqlite-3.6.20-1.el6_7.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:39:37", "description": "The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. (CVE-2015-3416)", "cvss3": {}, "published": "2016-06-08T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : SQLite vulnerability (K16950)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL16950.NASL", "href": "https://www.tenable.com/plugins/nessus/91507", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K16950.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91507);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2015-3416\");\n script_bugtraq_id(74228);\n\n script_name(english:\"F5 Networks BIG-IP : SQLite vulnerability (K16950)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement. (CVE-2015-3416)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K16950\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K16950.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K16950\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:43", "description": "From Red Hat Security Advisory 2015:1634 :\n\nAn updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : sqlite (ELSA-2015-1634)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:lemon", "p-cpe:/a:oracle:linux:sqlite", "p-cpe:/a:oracle:linux:sqlite-devel", "p-cpe:/a:oracle:linux:sqlite-doc", "p-cpe:/a:oracle:linux:sqlite-tcl", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/85490", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1634 and \n# Oracle Linux Security Advisory ELSA-2015-1634 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85490);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1634\");\n\n script_name(english:\"Oracle Linux 6 : sqlite (ELSA-2015-1634)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1634 :\n\nAn updated sqlite package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-August/005346.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"sqlite-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"sqlite-devel-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:53", "description": "An updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "CentOS 6 : sqlite (CESA-2015:1634)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:lemon", "p-cpe:/a:centos:centos:sqlite", "p-cpe:/a:centos:centos:sqlite-devel", "p-cpe:/a:centos:centos:sqlite-doc", "p-cpe:/a:centos:centos:sqlite-tcl", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/85462", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1634 and \n# CentOS Errata and Security Advisory 2015:1634 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85462);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1634\");\n\n script_name(english:\"CentOS 6 : sqlite (CESA-2015:1634)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-August/021332.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94b45529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3416\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"sqlite-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"sqlite-devel-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:00:33", "description": "It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : sqlite on SL6.x i386/x86_64 (20150817)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:lemon", "p-cpe:/a:fermilab:scientific_linux:sqlite", "p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo", "p-cpe:/a:fermilab:scientific_linux:sqlite-devel", "p-cpe:/a:fermilab:scientific_linux:sqlite-doc", "p-cpe:/a:fermilab:scientific_linux:sqlite-tcl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150817_SQLITE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85501", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85501);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3416\");\n\n script_name(english:\"Scientific Linux Security Update : sqlite on SL6.x i386/x86_64 (20150817)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=15942\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7dd6baa3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"lemon-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"sqlite-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"sqlite-debuginfo-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"sqlite-devel-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"sqlite-doc-3.6.20-1.el6_7.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"sqlite-tcl-3.6.20-1.el6_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:41", "description": "Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : sqlite (2018-bb66329dee)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sqlite", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-BB66329DEE.NASL", "href": "https://www.tenable.com/plugins/nessus/120739", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bb66329dee.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120739);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-8740\");\n script_xref(name:\"FEDORA\", value:\"2018-bb66329dee\");\n\n script_name(english:\"Fedora 28 : sqlite (2018-bb66329dee)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb66329dee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"sqlite-3.22.0-4.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:48:12", "description": "MITRE reports :\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-16T00:00:00", "type": "nessus", "title": "FreeBSD : SQLite -- Corrupt DB can cause a NULL pointer dereference (c1630aa3-7970-11e8-8634-dcfe074bd614)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2018-12-19T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:upp", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C1630AA3797011E88634DCFE074BD614.NASL", "href": "https://www.tenable.com/plugins/nessus/111091", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111091);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/19 13:21:19\");\n\n script_cve_id(\"CVE-2018-8740\");\n\n script_name(english:\"FreeBSD : SQLite -- Corrupt DB can cause a NULL pointer dereference (c1630aa3-7970-11e8-8634-dcfe074bd614)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MITRE reports :\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS\nstatement could cause a NULL pointer dereference, related to build.c\nand prepare.c.\"\n );\n # http://openwall.com/lists/oss-security/2018/03/17/1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2018/03/17/1\"\n );\n # https://vuxml.freebsd.org/freebsd/c1630aa3-7970-11e8-8634-dcfe074bd614.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?577ec93f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:upp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"upp<=11540\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:43:16", "description": "Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-28T00:00:00", "type": "nessus", "title": "Fedora 27 : sqlite (2018-07e15ad5a5)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sqlite", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-07E15AD5A5.NASL", "href": "https://www.tenable.com/plugins/nessus/108665", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-07e15ad5a5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108665);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-8740\");\n script_xref(name:\"FEDORA\", value:\"2018-07e15ad5a5\");\n\n script_name(english:\"Fedora 27 : sqlite (2018-07e15ad5a5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-07e15ad5a5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"sqlite-3.20.1-2.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:46:28", "description": "According to the version of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2018-1137)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "p-cpe:/a:huawei:euleros:sqlite-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1137.NASL", "href": "https://www.tenable.com/plugins/nessus/110141", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110141);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-8740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2018-1137)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the sqlite packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is\n corrupted using a CREATE TABLE AS statement could cause\n a NULL pointer dereference, related to build.c and\n prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1137\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f28b1b75\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-8.h1\",\n \"sqlite-devel-3.7.17-8.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:42:24", "description": "Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-28T00:00:00", "type": "nessus", "title": "Fedora 26 : sqlite (2018-aace372c3f)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sqlite", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-AACE372C3F.NASL", "href": "https://www.tenable.com/plugins/nessus/108671", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-aace372c3f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108671);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-8740\");\n script_xref(name:\"FEDORA\", value:\"2018-aace372c3f\");\n\n script_name(english:\"Fedora 26 : sqlite (2018-aace372c3f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-8740\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-aace372c3f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"sqlite-3.20.1-2.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:48:05", "description": "An update of the sqlite package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Sqlite PHSA-2018-1.0-0126", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2022-05-24T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:sqlite", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0126_SQLITE.NASL", "href": "https://www.tenable.com/plugins/nessus/121829", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0126. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121829);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\"CVE-2018-8740\");\n\n script_name(english:\"Photon OS 1.0: Sqlite PHSA-2018-1.0-0126\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the sqlite package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-126.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8740\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"sqlite-autoconf-3.22.0-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"sqlite-autoconf-debuginfo-3.22.0-2.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:41:32", "description": "MITRE reports :\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-23T00:00:00", "type": "nessus", "title": "FreeBSD : SQLite -- Corrupt DB can cause a NULL pointer dereference (6d52bda1-2e54-11e8-a68f-485b3931c969)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2018-12-19T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:sqlite3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_6D52BDA12E5411E8A68F485B3931C969.NASL", "href": "https://www.tenable.com/plugins/nessus/108574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108574);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/12/19 13:21:19\");\n\n script_cve_id(\"CVE-2018-8740\");\n\n script_name(english:\"FreeBSD : SQLite -- Corrupt DB can cause a NULL pointer dereference (6d52bda1-2e54-11e8-a68f-485b3931c969)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MITRE reports :\n\nSQLite databases whose schema is corrupted using a CREATE TABLE AS\nstatement could cause a NULL pointer dereference, related to build.c\nand prepare.c.\"\n );\n # http://openwall.com/lists/oss-security/2018/03/17/1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2018/03/17/1\"\n );\n # https://vuxml.freebsd.org/freebsd/6d52bda1-2e54-11e8-a68f-485b3931c969.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?394105b7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"sqlite3<3.22.0_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:51:12", "description": "According to the version of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-26T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.0 : sqlite (EulerOS-SA-2018-1341)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2022-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "cpe:/o:huawei:euleros:uvp:2.5.0"], "id": "EULEROS_SA-2018-1341.NASL", "href": "https://www.tenable.com/plugins/nessus/118429", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118429);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/03\");\n\n script_cve_id(\"CVE-2018-8740\");\n\n script_name(english:\"EulerOS Virtualization 2.5.0 : sqlite (EulerOS-SA-2018-1341)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the sqlite package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is\n corrupted using a CREATE TABLE AS statement could cause\n a NULL pointer dereference, related to build.c and\n prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1341\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a91f5d02\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8740\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-6.1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:47:48", "description": "According to the version of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-03T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : sqlite (EulerOS-SA-2018-1180)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "p-cpe:/a:huawei:euleros:sqlite-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1180.NASL", "href": "https://www.tenable.com/plugins/nessus/110844", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110844);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-8740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : sqlite (EulerOS-SA-2018-1180)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the sqlite packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is\n corrupted using a CREATE TABLE AS statement could cause\n a NULL pointer dereference, related to build.c and\n prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1180\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?52c9f3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-8.h1\",\n \"sqlite-devel-3.7.17-8.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:55", "description": "According to the version of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : sqlite (EulerOS-SA-2018-1136)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:sqlite", "p-cpe:/a:huawei:euleros:sqlite-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1136.NASL", "href": "https://www.tenable.com/plugins/nessus/110140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110140);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-8740\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : sqlite (EulerOS-SA-2018-1136)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the sqlite packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is\n corrupted using a CREATE TABLE AS statement could cause\n a NULL pointer dereference, related to build.c and\n prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1136\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a1befef7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected sqlite package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"sqlite-3.7.17-6.1.h1\",\n \"sqlite-devel-3.7.17-6.1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:33", "description": "According to the version of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : memcached (EulerOS-SA-2018-1138)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000127", "CVE-2018-8740"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:memcached", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1138.NASL", "href": "https://www.tenable.com/plugins/nessus/110142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110142);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000127\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : memcached (EulerOS-SA-2018-1138)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the memcached package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In SQLite through 3.22.0, databases whose schema is\n corrupted using a CREATE TABLE AS statement could cause\n a NULL pointer dereference, related to build.c and\n prepare.c.(CVE-2018-8740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1138\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a1b1551e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected memcached package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:memcached\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"memcached-1.4.15-9.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"memcached\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T13:50:16", "description": "This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790).\n\nCVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-13T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2019:1208-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10989", "CVE-2018-8740"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3", "p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-debuginfo", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-debuginfo", "p-cpe:/a:novell:suse_linux:sqlite3-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1208-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124856", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1208-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124856);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-10989\", \"CVE-2018-8740\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2019:1208-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2018-8740: Fixed a NULL pointer dereference related to corrupted\ndatabases schemas (bsc#1085790).\n\nCVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize()\n(bsc#1132045).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10989/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8740/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191208-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f79ab67b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1208=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-1208=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-1208=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-1208=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1208=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-1208=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-1208=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsqlite3-0-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsqlite3-0-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsqlite3-0-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"sqlite3-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"sqlite3-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"sqlite3-debugsource-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsqlite3-0-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsqlite3-0-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsqlite3-0-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"sqlite3-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"sqlite3-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"sqlite3-debugsource-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsqlite3-0-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsqlite3-0-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsqlite3-0-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"sqlite3-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"sqlite3-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"sqlite3-debugsource-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsqlite3-0-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsqlite3-0-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsqlite3-0-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"sqlite3-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"sqlite3-debuginfo-3.8.10.2-9.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"sqlite3-debugsource-3.8.10.2-9.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:49:02", "description": "This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790).\n\n - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : sqlite3 (openSUSE-2019-1426)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10989", "CVE-2018-8740"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsqlite3-0", "p-cpe:/a:novell:opensuse:libsqlite3-0-32bit", "p-cpe:/a:novell:opensuse:libsqlite3-0-debuginfo", "p-cpe:/a:novell:opensuse:libsqlite3-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:sqlite3", "p-cpe:/a:novell:opensuse:sqlite3-debuginfo", "p-cpe:/a:novell:opensuse:sqlite3-debugsource", "p-cpe:/a:novell:opensuse:sqlite3-devel", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1426.NASL", "href": "https://www.tenable.com/plugins/nessus/125325", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1426.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125325);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-10989\", \"CVE-2018-8740\");\n\n script_name(english:\"openSUSE Security Update : sqlite3 (openSUSE-2019-1426)\");\n script_summary(english:\"Check for the openSUSE-2019-1426 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-8740: Fixed a NULL pointer dereference related\n to corrupted databases schemas (bsc#1085790).\n\n - CVE-2017-10989: Fixed a heap-based buffer over-read in\n getNodeSize() (bsc#1132045).\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1085790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132045\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsqlite3-0-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsqlite3-0-debuginfo-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"sqlite3-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"sqlite3-debuginfo-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"sqlite3-debugsource-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"sqlite3-devel-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsqlite3-0-32bit-3.8.10.2-11.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.10.2-11.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsqlite3-0 / libsqlite3-0-32bit / libsqlite3-0-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:24:53", "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "MACOS_ITUNES_12_6.NASL", "href": "https://www.tenable.com/plugins/nessus/100027", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:17:12", "description": "This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode() when handling invalid rtree tables (bsc#1136976).\n\nCVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790).\n\nCVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2019:1522-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10989", "CVE-2018-8740", "CVE-2019-8457"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3", "p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-debuginfo", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-debuginfo", "p-cpe:/a:novell:suse_linux:sqlite3-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1522-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1522-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125986);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-10989\", \"CVE-2018-8740\", \"CVE-2019-8457\");\n\n script_name(english:\"SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2019:1522-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for sqlite3 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode() when\nhandling invalid rtree tables (bsc#1136976).\n\nCVE-2018-8740: Fixed a NULL pointer dereference related to corrupted\ndatabases schemas (bsc#1085790).\n\nCVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize()\n(bsc#1132045).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10989/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8740/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8457/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191522-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e727aefe\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2019-1522=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsqlite3-0-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsqlite3-0-32bit-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsqlite3-0-debuginfo-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsqlite3-0-debuginfo-32bit-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"sqlite3-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"sqlite3-debuginfo-3.8.3.1-2.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"sqlite3-debugsource-3.8.3.1-2.12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sqlite3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:09:03", "description": "According to its self-reported version number, the remote pfSense install is prior to 2.2.3. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-31T00:00:00", "type": "nessus", "title": "pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-2325", "CVE-2015-2326", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-4000", "CVE-2015-4029", "CVE-2015-4171", "CVE-2015-4598", "CVE-2015-4642", "CVE-2015-4643", "CVE-2015-4644", "CVE-2015-6508", "CVE-2015-6509", "CVE-2015-6510", "CVE-2015-6511"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:pfsense:pfsense", "cpe:/a:bsdperimeter:pfsense"], "id": "PFSENSE_SA-15_06.NASL", "href": "https://www.tenable.com/plugins/nessus/106495", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106495);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-2325\",\n \"CVE-2015-2326\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-4000\",\n \"CVE-2015-4029\",\n \"CVE-2015-4171\",\n \"CVE-2015-4598\",\n \"CVE-2015-4642\",\n \"CVE-2015-4643\",\n \"CVE-2015-4644\",\n \"CVE-2015-6508\",\n \"CVE-2015-6509\",\n \"CVE-2015-6510\",\n \"CVE-2015-6511\"\n );\n script_bugtraq_id(\n 74228,\n 75174,\n 75175,\n 75244,\n 75290,\n 75291,\n 75292\n );\n script_xref(name:\"FreeBSD\", value:\"SA-15:10.openssl\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote firewall host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote pfSense\ninstall is prior to 2.2.3. It is, therefore, affected by multiple\nvulnerabilities as stated in the referenced vendor advisories.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.pfsense.org/index.php/2.2.3_New_Features_and_Changes\");\n # https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?61bea99f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to pfSense version 2.2.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:pfsense:pfsense\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:bsdperimeter:pfsense\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"pfsense_detect.nbin\");\n script_require_keys(\"Host/pfSense\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nif (!get_kb_item(\"Host/pfSense\")) audit(AUDIT_HOST_NOT, \"pfSense\");\n\napp_info = vcf::pfsense::get_app_info();\nconstraints = [\n { \"fixed_version\" : \"2.2.3\" }\n];\n\nvcf::pfsense::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n flags:{xss:TRUE}\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:24:51", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153", "CVE-2017-2383", "CVE-2017-2463", "CVE-2017-2479", "CVE-2017-2480", "CVE-2017-2493", "CVE-2017-5029"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_6.NASL", "href": "https://www.tenable.com/plugins/nessus/100025", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100025);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, flags:{xss:TRUE});\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:24:52", "description": "The version of Apple iTunes running on the remote host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3270", "CVE-2009-3560", "CVE-2009-3720", "CVE-2012-1147", "CVE-2012-1148", "CVE-2012-6702", "CVE-2013-7443", "CVE-2015-1283", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3717", "CVE-2015-6607", "CVE-2016-0718", "CVE-2016-4472", "CVE-2016-5300", "CVE-2016-6153", "CVE-2017-2383", "CVE-2017-2463", "CVE-2017-2479", "CVE-2017-2480", "CVE-2017-2493", "CVE-2017-5029"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_6_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/100026", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100026);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_OS_NOT, \"Windows or Mac OS\");\n\nfixed_version = \"12.6\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE, xss:TRUE);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:46:59", "description": "Several flaws were corrected in SQLite, a SQL database engine.\n\nCVE-2017-2518\n\nA use-after-free bug in the query optimizer may cause a buffer overflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\nInsufficient size of the reference count on Table objects could lead to a denial of service or arbitrary code execution.\n\nCVE-2017-2520\n\nThe sqlite3_value_text() interface returned a buffer that was not large enough to hold the complete string plus zero terminator when the input was a zeroblob. This could lead to arbitrary code execution or a denial of service.\n\nCVE-2017-10989\n\nSQLite mishandles undersized RTree blobs in a crafted database leading to a heap-based buffer over-read or possibly unspecified other impact.\n\nCVE-2018-8740\n\nDatabases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 3.8.7.1-1+deb8u4.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Debian DLA-1633-1 : sqlite3 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10989", "CVE-2017-2518", "CVE-2017-2519", "CVE-2017-2520", "CVE-2018-8740"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:lemon", "p-cpe:/a:debian:debian_linux:libsqlite3-0", "p-cpe:/a:debian:debian_linux:libsqlite3-0-dbg", "p-cpe:/a:debian:debian_linux:libsqlite3-dev", "p-cpe:/a:debian:debian_linux:libsqlite3-tcl", "p-cpe:/a:debian:debian_linux:sqlite3", "p-cpe:/a:debian:debian_linux:sqlite3-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1633.NASL", "href": "https://www.tenable.com/plugins/nessus/121133", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1633-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121133);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-10989\", \"CVE-2017-2518\", \"CVE-2017-2519\", \"CVE-2017-2520\", \"CVE-2018-8740\");\n\n script_name(english:\"Debian DLA-1633-1 : sqlite3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were corrected in SQLite, a SQL database engine.\n\nCVE-2017-2518\n\nA use-after-free bug in the query optimizer may cause a buffer\noverflow and application crash via a crafted SQL statement.\n\nCVE-2017-2519\n\nInsufficient size of the reference count on Table objects could lead\nto a denial of service or arbitrary code execution.\n\nCVE-2017-2520\n\nThe sqlite3_value_text() interface returned a buffer that was not\nlarge enough to hold the complete string plus zero terminator when the\ninput was a zeroblob. This could lead to arbitrary code execution or a\ndenial of service.\n\nCVE-2017-10989\n\nSQLite mishandles undersized RTree blobs in a crafted database leading\nto a heap-based buffer over-read or possibly unspecified other impact.\n\nCVE-2018-8740\n\nDatabases whose schema is corrupted using a CREATE TABLE AS statement\ncould cause a NULL pointer dereference.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.8.7.1-1+deb8u4.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/sqlite3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsqlite3-0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsqlite3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsqlite3-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sqlite3-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"lemon\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0-dbg\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-dev\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-tcl\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3-doc\", reference:\"3.8.7.1-1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:45:45", "description": "It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)\n\nIt was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-16168)\n\nIt was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to mishandles some expressions.\nThis issue only affected Ubuntu 19.04 and Ubuntu 19.10.\n(CVE-2019-19242)\n\nIt was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19244)\n\nIt was discovered that SQLite incorrectly handled certain SQL commands. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 19.04. (CVE-2019-5018)\n\nIt was discovered that SQLite incorrectly handled certain commands. An attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-5827).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : sqlite3 vulnerabilities (USN-4205-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8740", "CVE-2019-16168", "CVE-2019-19242", "CVE-2019-19244", "CVE-2019-5018", "CVE-2019-5827"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0", "p-cpe:/a:canonical:ubuntu_linux:sqlite3", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4205-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131561", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4205-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131561);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-8740\", \"CVE-2019-16168\", \"CVE-2019-19242\", \"CVE-2019-19244\", \"CVE-2019-5018\", \"CVE-2019-5827\");\n script_xref(name:\"USN\", value:\"4205-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : sqlite3 vulnerabilities (USN-4205-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that SQLite incorrectly handled certain schemas. An\nattacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)\n\nIt was discovered that SQLite incorrectly handled certain schemas. An\nattacker could possibly use this issue to cause a denial of service.\nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu\n19.04. (CVE-2019-16168)\n\nIt was discovered that SQLite incorrectly handled certain schemas. An\nattacker could possibly use this issue to mishandles some expressions.\nThis issue only affected Ubuntu 19.04 and Ubuntu 19.10.\n(CVE-2019-19242)\n\nIt was discovered that SQLite incorrectly handled certain queries. An\nattacker could possibly use this issue to execute arbitrary code. This\nissue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19244)\n\nIt was discovered that SQLite incorrectly handled certain SQL\ncommands. An attacker could possibly use this issue to execute\narbitrary code. This issue only affected Ubuntu 19.04. (CVE-2019-5018)\n\nIt was discovered that SQLite incorrectly handled certain commands. An\nattacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-5827).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4205-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libsqlite3-0 and / or sqlite3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04|16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.11.0-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"sqlite3\", pkgver:\"3.11.0-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.22.0-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"sqlite3\", pkgver:\"3.22.0-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.27.2-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"sqlite3\", pkgver:\"3.27.2-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libsqlite3-0\", pkgver:\"3.29.0-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"sqlite3\", pkgver:\"3.29.0-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsqlite3-0 / sqlite3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:55:58", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3215-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.\n (CVE-2016-6153)\n\n - The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over- read or possibly unspecified other impact. (CVE-2017-10989)\n\n - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the SQLite component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. (CVE-2017-2518)\n\n - SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. (CVE-2018-20346)\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. (CVE-2018-8740)\n\n - In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a severe division by zero in the query planner. (CVE-2019-16168)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. (CVE-2019-8457)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-24T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2021:3215-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2016-6153", "CVE-2017-10989", "CVE-2017-2518", "CVE-2018-20346", "CVE-2018-8740", "CVE-2019-16168", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2019-8457", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3215-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153643", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3215-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153643);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2016-6153\",\n \"CVE-2017-2518\",\n \"CVE-2017-10989\",\n \"CVE-2018-8740\",\n \"CVE-2018-20346\",\n \"CVE-2019-8457\",\n \"CVE-2019-16168\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3215-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2021:3215-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:3215-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which\n might allow local users to obtain sensitive information, cause a denial of service (application crash), or\n have unspecified other impact by leveraging use of the current working directory for temporary files.\n (CVE-2016-6153)\n\n - The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other\n products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-\n read or possibly unspecified other impact. (CVE-2017-10989)\n\n - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is\n affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the\n SQLite component. It allows remote attackers to execute arbitrary code or cause a denial of service\n (buffer overflow and application crash) via a crafted SQL statement. (CVE-2017-2518)\n\n - SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant\n buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote\n attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in\n certain WebSQL use cases), aka Magellan. (CVE-2018-20346)\n\n - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could\n cause a NULL pointer dereference, related to build.c and prepare.c. (CVE-2018-8740)\n\n - In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application\n because of missing validation of a sqlite_stat1 sz field, aka a severe division by zero in the query\n planner. (CVE-2019-16168)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode()\n function when handling invalid rtree tables. (CVE-2019-8457)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-September/009509.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b948800c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-6153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-10989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-2518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'libsqlite3-0-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsqlite3-0-32bit-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sqlite3-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sqlite3-devel-3.36.0-9.18.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:33", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-20T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsqlite3-0", "p-cpe:/a:novell:opensuse:libsqlite3-0-32bit", "p-cpe:/a:novell:opensuse:sqlite3", "p-cpe:/a:novell:opensuse:sqlite3-devel", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1058.NASL", "href": "https://www.tenable.com/plugins/nessus/151816", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1058-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151816);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1058-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SB6Z44NRR3L5O3VXGRWAB7XUKDS4TMFZ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7bcf13b2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'libsqlite3-0-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsqlite3-0-32bit-3.36.0-lp152.4.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-devel-3.36.0-lp152.4.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:56", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsqlite3-0", "p-cpe:/a:novell:opensuse:libsqlite3-0-32bit", "p-cpe:/a:novell:opensuse:sqlite3", "p-cpe:/a:novell:opensuse:sqlite3-devel", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-2320.NASL", "href": "https://www.tenable.com/plugins/nessus/151748", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:2320-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151748);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JD4EZ74IZ57MKTDKDVIUAIG6VCAEKMD5/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?405d0bcc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'libsqlite3-0-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsqlite3-0-32bit-3.36.0-3.12.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite3-devel-3.36.0-3.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:41", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self- referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-15T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2019-19244", "CVE-2019-19317", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19646", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-19959", "CVE-2019-20218", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-15358", "CVE-2020-9327"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsqlite3-0", "p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit", "p-cpe:/a:novell:suse_linux:sqlite3", "p-cpe:/a:novell:suse_linux:sqlite3-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2320-1.NASL", "href": "https://www.tenable.com/plugins/nessus/151654", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2320-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151654);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2019-19244\",\n \"CVE-2019-19317\",\n \"CVE-2019-19603\",\n \"CVE-2019-19645\",\n \"CVE-2019-19646\",\n \"CVE-2019-19880\",\n \"CVE-2019-19923\",\n \"CVE-2019-19924\",\n \"CVE-2019-19925\",\n \"CVE-2019-19926\",\n \"CVE-2019-19959\",\n \"CVE-2019-20218\",\n \"CVE-2020-9327\",\n \"CVE-2020-13434\",\n \"CVE-2020-13435\",\n \"CVE-2020-13630\",\n \"CVE-2020-13631\",\n \"CVE-2020-13632\",\n \"CVE-2020-15358\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2320-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0358-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:2320-1 advisory.\n\n - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows\n context-dependent attackers to cause a denial of service (uninitialized memory access and application\n crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by\n COLLATE at the end of a SELECT statement. (CVE-2015-3414)\n\n - The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison\n operators, which allows context-dependent attackers to cause a denial of service (invalid free operation)\n or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O;>O) in a\n CREATE TABLE statement. (CVE-2015-3415)\n\n - sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window\n functions, and also has certain ORDER BY usage. (CVE-2019-19244)\n\n - lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated\n column, which allows attackers to cause a denial of service or possibly have unspecified other impact.\n (CVE-2019-19317)\n\n - SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application\n crash. (CVE-2019-19603)\n\n - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-\n referential views in conjunction with ALTER TABLE statements. (CVE-2019-19645)\n\n - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain\n cases of generated columns. (CVE-2019-19646)\n\n - exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference\n because constant integer values in ORDER BY clauses of window definitions are mishandled. (CVE-2019-19880)\n\n - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT\n JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect\n results). (CVE-2019-19923)\n\n - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This\n is caused by incorrect sqlite3WindowRewrite() error handling. (CVE-2019-19924)\n\n - zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP\n archive. (CVE-2019-19925)\n\n - multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by\n errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2019-19880. (CVE-2019-19926)\n\n - ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving\n embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for\n example) valgrind. (CVE-2019-19959)\n\n - selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.\n (CVE-2019-20218)\n\n - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434)\n\n - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435)\n\n - ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet\n feature. (CVE-2020-13630)\n\n - SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related\n to alter.c and build.c. (CVE-2020-13631)\n\n - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo()\n query. (CVE-2020-13632)\n\n - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy\n heap overflow because of misuse of transitive properties for constant propagation. (CVE-2020-15358)\n\n - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and\n segmentation fault because of generated column optimizations. (CVE-2020-9327)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/928701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1157818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1160439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1164719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173641\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009137.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fe5c1d1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-20218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsqlite3-0, libsqlite3-0-32bit, sqlite3 and / or sqlite3-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19646\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsqlite3-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar