EulerOS Virtualization 3.0.2.2 : bluez (EulerOS-SA-2021-2129)

2021-07-06T00:00:00

Description

According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798) - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800) - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801) - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802) - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804) - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917) - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "EULEROS_SA-2021-2129.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization 3.0.2.2 : bluez (EulerOS-SA-2021-2129)", "description": "According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2021-07-06T00:00:00", "modified": "2021-07-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://www.tenable.com/plugins/nessus/151392", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9798", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9917", "http://www.nessus.org/u?bda265d4", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9800", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9918", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9804", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9801", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9802"], "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "immutableFields": [], "lastseen": "2023-03-01T15:05:31", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "cve", "idList": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-9798", "DEBIANCVE:CVE-2016-9800", "DEBIANCVE:CVE-2016-9801", "DEBIANCVE:CVE-2016-9802", "DEBIANCVE:CVE-2016-9804", "DEBIANCVE:CVE-2016-9917", "DEBIANCVE:CVE-2016-9918"]}, {"type": "mageia", "idList": ["MGASA-2019-0052"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-2380.NASL", "EULEROS_SA-2019-2559.NASL", "EULEROS_SA-2021-1179.NASL", "EULEROS_SA-2021-1427.NASL", "EULEROS_SA-2021-1460.NASL", "EULEROS_SA-2021-2088.NASL", "OPENSUSE-2018-1596.NASL", "OPENSUSE-2019-1030.NASL", "OPENSUSE-2019-1198.NASL", "OPENSUSE-2019-1476.NASL", "OPENSUSE-2019-2585.NASL", "OPENSUSE-2019-2588.NASL", "SUSE_SU-2018-1778-1.NASL", "SUSE_SU-2018-4188-1.NASL", "SUSE_SU-2018-4189-1.NASL", "SUSE_SU-2019-0510-1.NASL", "SUSE_SU-2019-0841-1.NASL", "SUSE_SU-2019-1339-1.NASL", "SUSE_SU-2019-1353-1.NASL", "SUSE_SU-2019-1353-2.NASL", "SUSE_SU-2019-2915-1.NASL", "SUSE_SU-2019-3046-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852200", "OPENVAS:1361412562310852417", "OPENVAS:1361412562310852526", "OPENVAS:1361412562310852789", "OPENVAS:1361412562310852809", "OPENVAS:1361412562311220192380", "OPENVAS:1361412562311220192559"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9798", "RH:CVE-2016-9800", "RH:CVE-2016-9801", "RH:CVE-2016-9802", "RH:CVE-2016-9804", "RH:CVE-2016-9917", "RH:CVE-2016-9918"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:4259-1", "OPENSUSE-SU-2019:1198-1", "OPENSUSE-SU-2019:1476-1", "OPENSUSE-SU-2019:2585-1", "OPENSUSE-SU-2019:2588-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-9798", "UB:CVE-2016-9800", "UB:CVE-2016-9801", "UB:CVE-2016-9802", "UB:CVE-2016-9804", "UB:CVE-2016-9917", "UB:CVE-2016-9918"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-9798", "DEBIANCVE:CVE-2016-9800", "DEBIANCVE:CVE-2016-9801", "DEBIANCVE:CVE-2016-9802", "DEBIANCVE:CVE-2016-9804", "DEBIANCVE:CVE-2016-9917", "DEBIANCVE:CVE-2016-9918"]}, {"type": "nessus", "idList": ["OPENSUSE-2018-1596.NASL", "SUSE_SU-2018-1778-1.NASL", "SUSE_SU-2018-4188-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852200"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9798", "RH:CVE-2016-9800", "RH:CVE-2016-9801", "RH:CVE-2016-9802", "RH:CVE-2016-9804", "RH:CVE-2016-9917", "RH:CVE-2016-9918"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:4259-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-9798", "UB:CVE-2016-9800", "UB:CVE-2016-9801", "UB:CVE-2016-9802", "UB:CVE-2016-9804", "UB:CVE-2016-9917", "UB:CVE-2016-9918"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2016-9798", "epss": "0.003660000", "percentile": "0.681370000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9800", "epss": "0.002010000", "percentile": "0.562350000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9801", "epss": "0.002010000", "percentile": "0.562350000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9802", "epss": "0.003100000", "percentile": "0.653240000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9804", "epss": "0.002010000", "percentile": "0.562350000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9917", "epss": "0.001420000", "percentile": "0.482670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9918", "epss": "0.003030000", "percentile": "0.649190000", "modified": "2023-03-17"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1677684187, "score": 1677683198, "epss": 1679098904}, "_internal": {"score_hash": "9c30ac400fb0c27ddfa8358ceade02cc"}, "pluginID": "151392", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151392);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/08\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : bluez (EulerOS-SA-2021-2129)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2129\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bda265d4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-libs-5.44-4.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:bluez-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "solution": "Update the affected bluez packages.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2016-9918", "vendor_cvss2": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "vendor_cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "vpr": {"risk factor": "Medium", "score": "4.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-07-06T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}

{"nessus": [{"lastseen": "2023-03-01T14:58:55", "description": "According to the versions of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : bluez (EulerOS-SA-2021-1179)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2021-02-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez", "p-cpe:/a:huawei:euleros:bluez-libs", "p-cpe:/a:huawei:euleros:bluez-libs-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1179.NASL", "href": "https://www.tenable.com/plugins/nessus/146182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146182);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : bluez (EulerOS-SA-2021-1179)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1179\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d4870c43\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-5.44-4.h2.eulerosv2r7\",\n \"bluez-libs-5.44-4.h2.eulerosv2r7\",\n \"bluez-libs-devel-5.44-4.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:23:56", "description": "According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : bluez (EulerOS-SA-2021-1427)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2021-03-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-1427.NASL", "href": "https://www.tenable.com/plugins/nessus/147516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147516);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/16\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : bluez (EulerOS-SA-2021-1427)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1427\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ea85cab4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-libs-5.44-4.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-01T14:59:17", "description": "According to the versions of the bluez packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : bluez (EulerOS-SA-2021-1460)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2021-03-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez", "p-cpe:/a:huawei:euleros:bluez-libs", "p-cpe:/a:huawei:euleros:bluez-libs-devel", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-1460.NASL", "href": "https://www.tenable.com/plugins/nessus/147616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147616);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/16\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : bluez (EulerOS-SA-2021-1460)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1460\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18baf580\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-5.44-4.h2.eulerosv2r7\",\n \"bluez-libs-5.44-4.h2.eulerosv2r7\",\n \"bluez-libs-devel-5.44-4.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:15:24", "description": "According to the versions of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : bluez (EulerOS-SA-2019-2380)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez", "p-cpe:/a:huawei:euleros:bluez-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2380.NASL", "href": "https://www.tenable.com/plugins/nessus/131872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131872);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : bluez (EulerOS-SA-2019-2380)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2380\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d50ac5b5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-5.44-4.h2\",\n \"bluez-libs-5.44-4.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:17:10", "description": "According to the versions of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-19T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : bluez (EulerOS-SA-2019-2559)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez", "p-cpe:/a:huawei:euleros:bluez-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2559.NASL", "href": "https://www.tenable.com/plugins/nessus/132276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132276);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : bluez (EulerOS-SA-2019-2559)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2559\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fa68dccf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9918\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-5.44-4.h3\",\n \"bluez-libs-5.44-4.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:01", "description": "According to the versions of the bluez package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm->ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\n - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.(CVE-2020-27153)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2021-07-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : bluez (EulerOS-SA-2021-2088)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918", "CVE-2020-27153"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bluez-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2088.NASL", "href": "https://www.tenable.com/plugins/nessus/151295", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151295);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-9798\",\n \"CVE-2016-9800\",\n \"CVE-2016-9801\",\n \"CVE-2016-9802\",\n \"CVE-2016-9804\",\n \"CVE-2016-9917\",\n \"CVE-2016-9918\",\n \"CVE-2020-27153\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : bluez (EulerOS-SA-2021-2088)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bluez package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - In BlueZ 5.42, an out-of-bounds read was identified in\n 'packet_hexdump' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9918)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'read_n' function in 'tools/hcidump.c' source file.\n This issue can be triggered by processing a corrupted\n dump file and will result in hcidump\n crash.(CVE-2016-9917)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'commands_dump' function in 'tools/parser/csr.c' source\n file. The issue exists because 'commands' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'frm->ptr' parameter. This issue can be triggered by\n processing a corrupted dump file and will result in\n hcidump crash.(CVE-2016-9804)\n\n - In BlueZ 5.42, a buffer over-read was identified in\n 'l2cap_packet' function in 'monitor/packet.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in btmon\n crash.(CVE-2016-9802)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'set_ext_ctrl' function in 'tools/parser/l2cap.c'\n source file when processing corrupted dump\n file.(CVE-2016-9801)\n\n - In BlueZ 5.42, a buffer overflow was observed in\n 'pin_code_reply_dump' function in 'tools/parser/hci.c'\n source file. The issue exists because 'pin' array is\n overflowed by supplied parameter due to lack of\n boundary checks on size of the buffer from frame\n 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\n - In BlueZ 5.42, a use-after-free was identified in\n 'conf_opt' function in 'tools/parser/l2cap.c' source\n file. This issue can be triggered by processing a\n corrupted dump file and will result in hcidump\n crash.(CVE-2016-9798)\n\n - In BlueZ before 5.55, a double free was found in the\n gatttool disconnect_cb() routine from shared/att.c. A\n remote attacker could potentially cause a denial of\n service or code execution, during service discovery,\n due to a redundant disconnect MGMT\n event.(CVE-2020-27153)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2088\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?03dfb15d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bluez packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bluez-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bluez-libs-5.44-4.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:22:27", "description": "This update for bluez fixes the following issues :\n\nSecurity vulnerability addressed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).\n\nCVE-2016-9802: Fixed a buffer over-read in l2cap_packet() (bsc#1013893).\n\nCVE-2016-9918: Fixed an out-of-bounds stack read in packet_hexdump(), which could be triggered by processing a corrupted dump file and will result in a crash of the hcidump tool (bsc#1015173)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:1339-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9802", "CVE-2016-9917", "CVE-2016-9918"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-cups", "p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1339-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125459", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1339-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125459);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2016-9797\", \"CVE-2016-9798\", \"CVE-2016-9802\", \"CVE-2016-9917\", \"CVE-2016-9918\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:1339-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity vulnerability addressed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n()\n(bsc#1015171).\n\nCVE-2016-9802: Fixed a buffer over-read in l2cap_packet()\n(bsc#1013893).\n\nCVE-2016-9918: Fixed an out-of-bounds stack read in packet_hexdump(),\nwhich could be triggered by processing a corrupted dump file and will\nresult in a crash of the hcidump tool (bsc#1015173)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9802/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9917/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9918/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191339-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14b5359b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-1339=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2019-1339=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1339=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-1339=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-1339=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-1339=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1339=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-1339=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debugsource-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debugsource-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:16", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-7837: Fixed possible buffer overflow, make sure we don't write past the end of the array.(bsc#1026652)\n\nCVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump() (bsc#1013721).\n\nCVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function (bsc#1013732)\n\nCVE-2016-9804: Fix hcidump buffer overflow in commands_dump() (bsc#1013877).\n\nCVE-2016-9918: Fixed an out-of-bounds read in packet_hexdump() (bsc#1015173)\n\nCVE-2017-1000250: Fixed a information leak in SDP (part of the recently published BlueBorne vulnerabilities) (bsc#1057342)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : bluez (SUSE-SU-2019:0510-1) (BlueBorne)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7837", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9804", "CVE-2016-9918", "CVE-2017-1000250"], "modified": "2020-02-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0510-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122530", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0510-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122530);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2016-7837\", \"CVE-2016-9800\", \"CVE-2016-9801\", \"CVE-2016-9804\", \"CVE-2016-9918\", \"CVE-2017-1000250\");\n\n script_name(english:\"SUSE SLES12 Security Update : bluez (SUSE-SU-2019:0510-1) (BlueBorne)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-7837: Fixed possible buffer overflow, make sure we don't\nwrite past the end of the array.(bsc#1026652)\n\nCVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump()\n(bsc#1013721).\n\nCVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function\n(bsc#1013732)\n\nCVE-2016-9804: Fix hcidump buffer overflow in commands_dump()\n(bsc#1013877).\n\nCVE-2016-9918: Fixed an out-of-bounds read in packet_hexdump()\n(bsc#1015173)\n\nCVE-2017-1000250: Fixed a information leak in SDP (part of the\nrecently published BlueBorne vulnerabilities) (bsc#1057342)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7837/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9801/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9804/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9918/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000250/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190510-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69fdcf82\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-510=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-510=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2019-510=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-7837\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bluez-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bluez-debuginfo-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bluez-debugsource-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libbluetooth3-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libbluetooth3-debuginfo-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"bluez-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"bluez-debuginfo-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"bluez-debugsource-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libbluetooth3-5.13-3.10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.13-3.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T13:51:03", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n - CVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-05-31T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2019-1476)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9802", "CVE-2016-9917"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1476.NASL", "href": "https://www.tenable.com/plugins/nessus/125618", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1476.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125618);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2016-9797\", \"CVE-2016-9798\", \"CVE-2016-9802\", \"CVE-2016-9917\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2019-1476)\");\n script_summary(english:\"Check for the openSUSE-2019-1476 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump()\n (bsc#1013708).\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt()\n (bsc#1013712).\n\n - CVE-2016-9917: Fixed a heap-based buffer overflow in\n read_n() (bsc#1015171).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015171\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-auto-enable-devices-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-cups-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-cups-debuginfo-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-debuginfo-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-debugsource-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-devel-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-test-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-test-debuginfo-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libbluetooth3-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libbluetooth3-debuginfo-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp151.8.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T13:50:26", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:1353-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9802", "CVE-2016-9917"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:bluez-devel", "p-cpe:/a:novell:suse_linux:bluez-test", "p-cpe:/a:novell:suse_linux:bluez-test-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1353-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125467", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1353-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125467);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-9797\", \"CVE-2016-9798\", \"CVE-2016-9802\", \"CVE-2016-9917\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:1353-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n()\n(bsc#1015171).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9802/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9917/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191353-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?380203a1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-1353=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1353=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-1353=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-1353=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-devel-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-devel-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:12:21", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).\n\nCVE-2016-9802: Fixed a buffer over-read in l2cap_packet() (bsc#1013893).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:1353-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9802", "CVE-2016-9917"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:bluez-devel", "p-cpe:/a:novell:suse_linux:bluez-test", "p-cpe:/a:novell:suse_linux:bluez-test-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1353-2.NASL", "href": "https://www.tenable.com/plugins/nessus/130087", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1353-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130087);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-9797\", \"CVE-2016-9798\", \"CVE-2016-9802\", \"CVE-2016-9917\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:1353-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nCVE-2016-9917: Fixed a heap-based buffer overflow in read_n()\n(bsc#1015171).\n\nCVE-2016-9802: Fixed a buffer over-read in l2cap_packet()\n(bsc#1013893).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9802/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9917/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191353-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69090bfa\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2019-1353=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1353=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-1353=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-1353=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-debugsource-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-devel-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-test-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-test-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libbluetooth3-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libbluetooth3-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-debugsource-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-devel-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-test-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-test-debuginfo-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libbluetooth3-5.48-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libbluetooth3-debuginfo-5.48-5.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-01T15:09:57", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function (bsc#1013721)\n\nCVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function (bsc#1013732)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2018:4189-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:bluez-devel", "p-cpe:/a:novell:suse_linux:bluez-test", "p-cpe:/a:novell:suse_linux:bluez-test-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-4189-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120190", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4189-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120190);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-9800\", \"CVE-2016-9801\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2018:4189-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function\n(bsc#1013721)\n\nCVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function\n(bsc#1013732)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9801/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184189-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9af31ddc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2018-2988=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2018-2988=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-2988=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2988=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-devel-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-devel-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T14:46:11", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function (bsc#1013721)\n\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function (bsc#1013732)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2019-1030)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1030.NASL", "href": "https://www.tenable.com/plugins/nessus/123160", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1030.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123160);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-9800\", \"CVE-2016-9801\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2019-1030)\");\n script_summary(english:\"Check for the openSUSE-2019-1030 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9800: Fixed a buffer overflow in\n pin_code_reply_dump function (bsc#1013721)\n\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl\n function (bsc#1013732)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013732\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-auto-enable-devices-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debugsource-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-devel-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp150.4.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-01T14:47:17", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9800: Fixed a buffer overflow in the pin_code_reply_dump function (bsc#1013721)\n\nCVE-2016-9801: Fixed a buffer overflow in the set_ext_ctrl function (bsc#1013732)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-12-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2018:4188-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-cups", "p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-4188-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119806", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4188-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119806);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2016-9800\", \"CVE-2016-9801\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2018:4188-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2016-9800: Fixed a buffer overflow in the pin_code_reply_dump\nfunction (bsc#1013721)\n\nCVE-2016-9801: Fixed a buffer overflow in the set_ext_ctrl function\n(bsc#1013732)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9801/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184188-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?954c6b09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2018-2987=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-2987=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-2987=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2987=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-2987=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2987=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-2987=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2987=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debugsource-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debugsource-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-01T14:46:46", "description": "This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function (bsc#1013721)\n\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function (bsc#1013732)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-12-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2018-1596)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1596.NASL", "href": "https://www.tenable.com/plugins/nessus/119864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1596.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119864);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-9800\", \"CVE-2016-9801\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2018-1596)\");\n script_summary(english:\"Check for the openSUSE-2018-1596 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-9800: Fixed a buffer overflow in\n pin_code_reply_dump function (bsc#1013721)\n\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl\n function (bsc#1013732)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013732\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-auto-enable-devices-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debugsource-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-devel-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-debuginfo-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp150.4.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:47:27", "description": "This update for bluez fixes the following issues: Security issues fixed :\n\n - CVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump() (bsc#1013721).\n\n - CVE-2016-9804: Fix hcidump buffer overflow in commands_dump() (bsc#1013877).\n\n - CVE-2016-7837: Fix possible buffer overflow, make sure we don't write past the end of the array (bsc#1026652).\n\n - CVE-2017-1000250: Fix information disclosure vulnerability in service_search_attr_req (bsc#1057342).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2018:1778-1) (BlueBorne)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7837", "CVE-2016-9800", "CVE-2016-9804", "CVE-2017-1000250"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-cups", "p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1778-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110661", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1778-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110661);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/10 13:51:48\");\n\n script_cve_id(\"CVE-2016-7837\", \"CVE-2016-9800\", \"CVE-2016-9804\", \"CVE-2017-1000250\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2018:1778-1) (BlueBorne)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues: Security issues\nfixed :\n\n - CVE-2016-9800: Fix hcidump memory leak in\n pin_code_reply_dump() (bsc#1013721).\n\n - CVE-2016-9804: Fix hcidump buffer overflow in\n commands_dump() (bsc#1013877).\n\n - CVE-2016-7837: Fix possible buffer overflow, make sure\n we don't write past the end of the array (bsc#1026652).\n\n - CVE-2017-1000250: Fix information disclosure\n vulnerability in service_search_attr_req (bsc#1057342).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7837/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9804/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000250/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181778-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c33bbd46\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-1194=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1194=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1194=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1194=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/22\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debuginfo-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"bluez-debugsource-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libbluetooth3-debuginfo-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.4.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T14:46:52", "description": "This update for bluez fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2016-9918: Fixed a out-of-bound read in the packet_hexdump function (bsc#1015173)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2019-1198)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1198.NASL", "href": "https://www.tenable.com/plugins/nessus/124053", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1198.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124053);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-9918\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2019-1198)\");\n script_summary(english:\"Check for the openSUSE-2019-1198 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2016-9918: Fixed a out-of-bound read in the\n packet_hexdump function (bsc#1015173)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015173\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-auto-enable-devices-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-debuginfo-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debuginfo-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debugsource-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-devel-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-debuginfo-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-debuginfo-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp150.4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp150.4.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T14:47:52", "description": "This update for bluez fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2016-9918: Fixed a out-of-bound read in the packet_hexdump function (bsc#1015173)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-03T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:0841-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:bluez-devel", "p-cpe:/a:novell:suse_linux:bluez-test", "p-cpe:/a:novell:suse_linux:bluez-test-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0841-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123673", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0841-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123673);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-9918\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:0841-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2016-9918: Fixed a out-of-bound read in the packet_hexdump\nfunction (bsc#1015173)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9918/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190841-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f5bd619\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-841=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-841=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-841=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-841=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-devel-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-devel-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.13.10\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.13.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:14:02", "description": "This update for bluez fixes the following issues :\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-11-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:3046-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:bluez-devel", "p-cpe:/a:novell:suse_linux:bluez-test", "p-cpe:/a:novell:suse_linux:bluez-test-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-3046-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131303", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3046-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131303);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-9798\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:3046-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bluez fixes the following issues :\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9798/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193046-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4071588e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2019-3046=1\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-3046=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3046=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-3046=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-3046=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-3046=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-3046=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-3046=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-debugsource-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-devel-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-test-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"bluez-test-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libbluetooth3-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libbluetooth3-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-devel-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-debugsource-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-devel-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-test-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"bluez-test-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libbluetooth3-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libbluetooth3-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-debugsource-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-devel-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"bluez-test-debuginfo-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-5.48-5.19.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libbluetooth3-debuginfo-5.48-5.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:17:10", "description": "This update for bluez fixes the following issues :\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2019-2588)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-12-09T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2588.NASL", "href": "https://www.tenable.com/plugins/nessus/131534", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2588.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131534);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/09\");\n\n script_cve_id(\"CVE-2016-9798\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2019-2588)\");\n script_summary(english:\"Check for the openSUSE-2019-2588 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt()\n (bsc#1013712).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-auto-enable-devices-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-cups-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-cups-debuginfo-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-debuginfo-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-debugsource-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-devel-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-test-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"bluez-test-debuginfo-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libbluetooth3-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libbluetooth3-debuginfo-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp151.8.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp151.8.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:15:53", "description": "This update for bluez fixes the following issues :\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bluez (openSUSE-2019-2585)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bluez", "p-cpe:/a:novell:opensuse:bluez-auto-enable-devices", "p-cpe:/a:novell:opensuse:bluez-cups", "p-cpe:/a:novell:opensuse:bluez-cups-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debuginfo", "p-cpe:/a:novell:opensuse:bluez-debugsource", "p-cpe:/a:novell:opensuse:bluez-devel", "p-cpe:/a:novell:opensuse:bluez-devel-32bit", "p-cpe:/a:novell:opensuse:bluez-test", "p-cpe:/a:novell:opensuse:bluez-test-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit", "p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2585.NASL", "href": "https://www.tenable.com/plugins/nessus/131532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2585.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131532);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-9798\");\n\n script_name(english:\"openSUSE Security Update : bluez (openSUSE-2019-2585)\");\n script_summary(english:\"Check for the openSUSE-2019-2585 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issues :\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt()\n (bsc#1013712).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bluez packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-auto-enable-devices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bluez-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-auto-enable-devices-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-cups-debuginfo-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debuginfo-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-debugsource-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-devel-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"bluez-test-debuginfo-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libbluetooth3-debuginfo-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"bluez-devel-32bit-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-5.48-lp150.4.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libbluetooth3-32bit-debuginfo-5.48-lp150.4.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez / bluez-auto-enable-devices / bluez-cups / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-02T15:13:21", "description": "This update for bluez fixes the following issue :\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:2915-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-12-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bluez", "p-cpe:/a:novell:suse_linux:bluez-cups", "p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debuginfo", "p-cpe:/a:novell:suse_linux:bluez-debugsource", "p-cpe:/a:novell:suse_linux:libbluetooth3", "p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2915-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130754", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2915-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130754);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/16\");\n\n script_cve_id(\"CVE-2016-9798\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:2915-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bluez fixes the following issue :\n\nCVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9798/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192915-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d76e8ae0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP5:zypper in -t patch\nSUSE-SLE-WE-12-SP5-2019-2915=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-2915=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2915=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2915=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-2915=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2915=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2915=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bluez-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"bluez-debugsource-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libbluetooth3-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"bluez-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"bluez-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"bluez-debugsource-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libbluetooth3-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libbluetooth3-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-cups-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debuginfo-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"bluez-debugsource-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-5.13-5.15.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libbluetooth3-debuginfo-5.13-5.15.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bluez\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-01-27T18:35:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2380)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9802", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9917", "CVE-2016-9918", "CVE-2016-9798", "CVE-2016-9804"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192380", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2380\");\n script_version(\"2020-01-23T12:52:24+0000\");\n script_cve_id(\"CVE-2016-9798\", \"CVE-2016-9800\", \"CVE-2016-9801\", \"CVE-2016-9802\", \"CVE-2016-9804\", \"CVE-2016-9917\", \"CVE-2016-9918\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:52:24 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:52:24 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2380)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2380\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2380\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bluez' package(s) announced via the EulerOS-SA-2019-2380 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\nIn BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm-ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\nIn BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.44~4.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-libs\", rpm:\"bluez-libs~5.44~4.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2559)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9802", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9917", "CVE-2016-9918", "CVE-2016-9798", "CVE-2016-9804"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192559", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2559\");\n script_version(\"2020-01-23T13:06:24+0000\");\n script_cve_id(\"CVE-2016-9798\", \"CVE-2016-9800\", \"CVE-2016-9801\", \"CVE-2016-9802\", \"CVE-2016-9804\", \"CVE-2016-9917\", \"CVE-2016-9918\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:06:24 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:06:24 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2559)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2559\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2559\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bluez' package(s) announced via the EulerOS-SA-2019-2559 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In BlueZ 5.42, a buffer overflow was observed in 'commands_dump' function in 'tools/parser/csr.c' source file. The issue exists because 'commands' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'frm-ptr' parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9804)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'pin_code_reply_dump' function in 'tools/parser/hci.c' source file. The issue exists because 'pin' array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame 'pin_code_reply_cp *cp' parameter.(CVE-2016-9800)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'read_n' function in 'tools/hcidump.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9917)\n\nIn BlueZ 5.42, a buffer overflow was observed in 'set_ext_ctrl' function in 'tools/parser/l2cap.c' source file when processing corrupted dump file.(CVE-2016-9801)\n\nIn BlueZ 5.42, a buffer over-read was identified in 'l2cap_packet' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9802)\n\nIn BlueZ 5.42, a use-after-free was identified in 'conf_opt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.(CVE-2016-9798)\n\nIn BlueZ 5.42, an out-of-bounds read was identified in 'packet_hexdump' function in 'monitor/packet.c' source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.(CVE-2016-9918)\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.44~4.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-libs\", rpm:\"bluez-libs~5.44~4.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:53:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-31T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bluez (openSUSE-SU-2019:1476-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9802", "CVE-2016-9917", "CVE-2016-9797", "CVE-2016-9798"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852526", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852526", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852526\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2016-9797\", \"CVE-2016-9798\", \"CVE-2016-9802\", \"CVE-2016-9917\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-31 02:00:43 +0000 (Fri, 31 May 2019)\");\n script_name(\"openSUSE: Security Advisory for bluez (openSUSE-SU-2019:1476-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1476-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bluez'\n package(s) announced via the openSUSE-SU-2019:1476-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bluez fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n - CVE-2016-9917: Fixed a heap-based buffer overflow in read_n()\n (bsc#1015171).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1476=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1476=1\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups-debuginfo\", rpm:\"bluez-cups-debuginfo~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debuginfo\", rpm:\"bluez-debuginfo~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debugsource\", rpm:\"bluez-debugsource~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test-debuginfo\", rpm:\"bluez-test-debuginfo~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-debuginfo\", rpm:\"libbluetooth3-debuginfo~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel-32bit\", rpm:\"bluez-devel-32bit~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit\", rpm:\"libbluetooth3-32bit~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit-debuginfo\", rpm:\"libbluetooth3-32bit-debuginfo~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"luez-auto-enable-devices\", rpm:\"luez-auto-enable-devices~5.48~lp150.4.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T17:39:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-23T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bluez (openSUSE-SU-2018:4259-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852200", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852200", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852200\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2016-9800\", \"CVE-2016-9801\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-23 04:00:41 +0100 (Sun, 23 Dec 2018)\");\n script_name(\"openSUSE: Security Advisory for bluez (openSUSE-SU-2018:4259-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4259-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00064.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bluez'\n package(s) announced via the openSUSE-SU-2018:4259-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bluez fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function\n (bsc#1013721)\n\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function\n (bsc#1013732)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1596=1\");\n\n script_tag(name:\"affected\", value:\"bluez on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups-debuginfo\", rpm:\"bluez-cups-debuginfo~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debuginfo\", rpm:\"bluez-debuginfo~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debugsource\", rpm:\"bluez-debugsource~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test-debuginfo\", rpm:\"bluez-test-debuginfo~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-debuginfo\", rpm:\"libbluetooth3-debuginfo~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel-32bit\", rpm:\"bluez-devel-32bit~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit\", rpm:\"libbluetooth3-32bit~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit-debuginfo\", rpm:\"libbluetooth3-32bit-debuginfo~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"luez-auto-enable-devices\", rpm:\"luez-auto-enable-devices~5.48~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:51:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-13T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bluez (openSUSE-SU-2019:1198-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9918"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852417", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852417\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2016-9918\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-13 02:00:53 +0000 (Sat, 13 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for bluez (openSUSE-SU-2019:1198-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1198-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bluez'\n package(s) announced via the openSUSE-SU-2019:1198-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bluez fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2016-9918: Fixed a out-of-bound read in the packet_hexdump function\n (bsc#1015173)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1198=1\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups-debuginfo\", rpm:\"bluez-cups-debuginfo~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debuginfo\", rpm:\"bluez-debuginfo~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debugsource\", rpm:\"bluez-debugsource~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test-debuginfo\", rpm:\"bluez-test-debuginfo~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-debuginfo\", rpm:\"libbluetooth3-debuginfo~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-auto-enable-devices\", rpm:\"bluez-auto-enable-devices~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel-32bit\", rpm:\"bluez-devel-32bit~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit\", rpm:\"libbluetooth3-32bit~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit-debuginfo\", rpm:\"libbluetooth3-32bit-debuginfo~5.48~lp150.4.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:54:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-01T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bluez (openSUSE-SU-2019:2585-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9798"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852789", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852789", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852789\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2016-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-01 03:00:44 +0000 (Sun, 01 Dec 2019)\");\n script_name(\"openSUSE: Security Advisory for bluez (openSUSE-SU-2019:2585-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2585-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00071.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bluez'\n package(s) announced via the openSUSE-SU-2019:2585-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bluez fixes the following issues:\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2585=1\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups-debuginfo\", rpm:\"bluez-cups-debuginfo~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debuginfo\", rpm:\"bluez-debuginfo~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debugsource\", rpm:\"bluez-debugsource~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test-debuginfo\", rpm:\"bluez-test-debuginfo~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-debuginfo\", rpm:\"libbluetooth3-debuginfo~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel-32bit\", rpm:\"bluez-devel-32bit~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit\", rpm:\"libbluetooth3-32bit~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit-debuginfo\", rpm:\"libbluetooth3-32bit-debuginfo~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"luez-auto-enable-devices\", rpm:\"luez-auto-enable-devices~5.48~lp150.4.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:29:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bluez (openSUSE-SU-2019:2588-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9798"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852809", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852809\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2016-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:32:50 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for bluez (openSUSE-SU-2019:2588-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2588-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00072.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bluez'\n package(s) announced via the openSUSE-SU-2019:2588-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bluez fixes the following issues:\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2588=1\");\n\n script_tag(name:\"affected\", value:\"'bluez' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez\", rpm:\"bluez~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-cups-debuginfo\", rpm:\"bluez-cups-debuginfo~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debuginfo\", rpm:\"bluez-debuginfo~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-debugsource\", rpm:\"bluez-debugsource~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel\", rpm:\"bluez-devel~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-test-debuginfo\", rpm:\"bluez-test-debuginfo~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3\", rpm:\"libbluetooth3~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-debuginfo\", rpm:\"libbluetooth3-debuginfo~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bluez-devel-32bit\", rpm:\"bluez-devel-32bit~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit\", rpm:\"libbluetooth3-32bit~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libbluetooth3-32bit-debuginfo\", rpm:\"libbluetooth3-32bit-debuginfo~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"luez-auto-enable-devices\", rpm:\"luez-auto-enable-devices~5.48~lp151.8.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "A buffer overflow in pin_code_reply_dump function (CVE-2016-9800). A buffer overflow in set_ext_ctrl function (CVE-2016-9801). A buffer overflow in commands_dump function (CVE-2016-9804). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-30T19:39:18", "type": "mageia", "title": "Updated bluez packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9804"], "modified": "2019-01-30T19:39:18", "id": "MGASA-2019-0052", "href": "https://advisories.mageia.org/MGASA-2019-0052.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:42:01", "description": "An update that fixes four vulnerabilities is now available.\n\nDescription:\n\n This update for bluez fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n - CVE-2016-9917: Fixed a heap-based buffer overflow in read_n()\n (bsc#1015171).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1476=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1476=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-30T00:00:00", "type": "suse", "title": "Security update for bluez (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9802", "CVE-2016-9917"], "modified": "2019-05-30T00:00:00", "id": "OPENSUSE-SU-2019:1476-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XZHD5VUMX7KIQPDT63RDBFNM2PUTFJEL/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-12-23T03:50:22", "description": "This update for bluez fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function\n (bsc#1013721)\n - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function\n (bsc#1013732)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-12-23T00:12:30", "type": "suse", "title": "Security update for bluez (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-9800", "CVE-2016-9801"], "modified": "2018-12-23T00:12:30", "id": "OPENSUSE-SU-2018:4259-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00064.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2022-04-18T12:42:07", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for bluez fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2016-9918: Fixed a out-of-bound read in the packet_hexdump function\n (bsc#1015173)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1198=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-12T00:00:00", "type": "suse", "title": "Security update for bluez (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2019-04-12T00:00:00", "id": "OPENSUSE-SU-2019:1198-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NTXYHE6PGTMF25YP75XLZYTQRMVXASLS/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-06T19:35:42", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for bluez fixes the following issues:\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2585=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-11-30T00:00:00", "type": "suse", "title": "Security update for bluez (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-11-30T00:00:00", "id": "OPENSUSE-SU-2019:2585-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NQCMJ3S23QNDH5LYNDD7WFLMU6BHPW2H/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-06T19:35:42", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for bluez fixes the following issues:\n\n - CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2588=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-11-30T00:00:00", "type": "suse", "title": "Security update for bluez (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-11-30T00:00:00", "id": "OPENSUSE-SU-2019:2588-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E5FQ643W3V2OADUIBEE2U2U7KJ3WODW7/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T08:59:00", "type": "debiancve", "title": "CVE-2016-9918", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2016-12-08T08:59:00", "id": "DEBIANCVE:CVE-2016-9918", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9918", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a buffer overflow was observed in \"commands_dump\" function in \"tools/parser/csr.c\" source file. The issue exists because \"commands\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"frm->ptr\" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "debiancve", "title": "CVE-2016-9804", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9804"], "modified": "2016-12-03T06:59:00", "id": "DEBIANCVE:CVE-2016-9804", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9804", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a buffer overflow was observed in \"read_n\" function in \"tools/hcidump.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T08:59:00", "type": "debiancve", "title": "CVE-2016-9917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9917"], "modified": "2016-12-08T08:59:00", "id": "DEBIANCVE:CVE-2016-9917", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a buffer overflow was observed in \"set_ext_ctrl\" function in \"tools/parser/l2cap.c\" source file when processing corrupted dump file.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "debiancve", "title": "CVE-2016-9801", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9801"], "modified": "2016-12-03T06:59:00", "id": "DEBIANCVE:CVE-2016-9801", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9801", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a buffer over-read was identified in \"l2cap_packet\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "debiancve", "title": "CVE-2016-9802", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9802"], "modified": "2016-12-03T06:59:00", "id": "DEBIANCVE:CVE-2016-9802", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9802", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a use-after-free was identified in \"conf_opt\" function in \"tools/parser/l2cap.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "debiancve", "title": "CVE-2016-9798", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2016-12-03T06:59:00", "id": "DEBIANCVE:CVE-2016-9798", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-23T06:03:30", "description": "In BlueZ 5.42, a buffer overflow was observed in \"pin_code_reply_dump\" function in \"tools/parser/hci.c\" source file. The issue exists because \"pin\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"pin_code_reply_cp *cp\" parameter.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "debiancve", "title": "CVE-2016-9800", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800"], "modified": "2016-12-03T06:59:00", "id": "DEBIANCVE:CVE-2016-9800", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2021-09-02T22:52:33", "description": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-12T14:47:56", "type": "redhatcve", "title": "CVE-2016-9918", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2019-10-12T01:08:59", "id": "RH:CVE-2016-9918", "href": "https://access.redhat.com/security/cve/cve-2016-9918", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:07", "description": "In BlueZ 5.42, a buffer overflow was observed in \"commands_dump\" function in \"tools/parser/csr.c\" source file. The issue exists because \"commands\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"frm->ptr\" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-12-05T14:48:00", "type": "redhatcve", "title": "CVE-2016-9804", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9804"], "modified": "2019-10-12T01:05:19", "id": "RH:CVE-2016-9804", "href": "https://access.redhat.com/security/cve/cve-2016-9804", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:34", "description": "In BlueZ 5.42, a buffer overflow was observed in \"read_n\" function in \"tools/hcidump.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2016-12-12T14:47:41", "type": "redhatcve", "title": "CVE-2016-9917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9917"], "modified": "2019-12-20T12:06:31", "id": "RH:CVE-2016-9917", "href": "https://access.redhat.com/security/cve/cve-2016-9917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:09", "description": "In BlueZ 5.42, a buffer overflow was observed in \"set_ext_ctrl\" function in \"tools/parser/l2cap.c\" source file when processing corrupted dump file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-12-05T14:48:08", "type": "redhatcve", "title": "CVE-2016-9801", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9801"], "modified": "2019-10-12T01:05:17", "id": "RH:CVE-2016-9801", "href": "https://access.redhat.com/security/cve/cve-2016-9801", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:08", "description": "In BlueZ 5.42, a buffer over-read was identified in \"l2cap_packet\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-12-05T14:48:24", "type": "redhatcve", "title": "CVE-2016-9802", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9802"], "modified": "2019-10-12T01:05:16", "id": "RH:CVE-2016-9802", "href": "https://access.redhat.com/security/cve/cve-2016-9802", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:08", "description": "In BlueZ 5.42, a use-after-free was identified in \"conf_opt\" function in \"tools/parser/l2cap.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-12-05T14:17:37", "type": "redhatcve", "title": "CVE-2016-9798", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-10-12T01:05:06", "id": "RH:CVE-2016-9798", "href": "https://access.redhat.com/security/cve/cve-2016-9798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:52:09", "description": "In BlueZ 5.42, a buffer overflow was observed in \"pin_code_reply_dump\" function in \"tools/parser/hci.c\" source file. The issue exists because \"pin\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"pin_code_reply_cp *cp\" parameter.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-12-05T14:17:24", "type": "redhatcve", "title": "CVE-2016-9800", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800"], "modified": "2019-10-12T01:05:11", "id": "RH:CVE-2016-9800", "href": "https://access.redhat.com/security/cve/cve-2016-9800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:07:20", "description": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\"\nfunction in \"monitor/packet.c\" source file. This issue can be triggered by\nprocessing a corrupted dump file and will result in btmon crash.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9918", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2016-12-08T00:00:00", "id": "UB:CVE-2016-9918", "href": "https://ubuntu.com/security/CVE-2016-9918", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:07:24", "description": "In BlueZ 5.42, a buffer overflow was observed in \"commands_dump\" function\nin \"tools/parser/csr.c\" source file. The issue exists because \"commands\"\narray is overflowed by supplied parameter due to lack of boundary checks on\nsize of the buffer from frame \"frm->ptr\" parameter. This issue can be\ntriggered by processing a corrupted dump file and will result in hcidump\ncrash.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9804", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9804"], "modified": "2016-12-03T00:00:00", "id": "UB:CVE-2016-9804", "href": "https://ubuntu.com/security/CVE-2016-9804", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:07:20", "description": "In BlueZ 5.42, a buffer overflow was observed in \"read_n\" function in\n\"tools/hcidump.c\" source file. This issue can be triggered by processing a\ncorrupted dump file and will result in hcidump crash.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9917"], "modified": "2016-12-08T00:00:00", "id": "UB:CVE-2016-9917", "href": "https://ubuntu.com/security/CVE-2016-9917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:18:14", "description": "In BlueZ 5.42, a buffer overflow was observed in \"set_ext_ctrl\" function in\n\"tools/parser/l2cap.c\" source file when processing corrupted dump file.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9801", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9801"], "modified": "2016-12-03T00:00:00", "id": "UB:CVE-2016-9801", "href": "https://ubuntu.com/security/CVE-2016-9801", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:07:26", "description": "In BlueZ 5.42, a buffer over-read was identified in \"l2cap_packet\" function\nin \"monitor/packet.c\" source file. This issue can be triggered by\nprocessing a corrupted dump file and will result in btmon crash.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9802", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9802"], "modified": "2016-12-03T00:00:00", "id": "UB:CVE-2016-9802", "href": "https://ubuntu.com/security/CVE-2016-9802", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:07:25", "description": "In BlueZ 5.42, a use-after-free was identified in \"conf_opt\" function in\n\"tools/parser/l2cap.c\" source file. This issue can be triggered by\nprocessing a corrupted dump file and will result in hcidump crash.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9798", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2016-12-03T00:00:00", "id": "UB:CVE-2016-9798", "href": "https://ubuntu.com/security/CVE-2016-9798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:18:13", "description": "In BlueZ 5.42, a buffer overflow was observed in \"pin_code_reply_dump\"\nfunction in \"tools/parser/hci.c\" source file. The issue exists because\n\"pin\" array is overflowed by supplied parameter due to lack of boundary\nchecks on size of the buffer from frame \"pin_code_reply_cp *cp\" parameter.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847837>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | as of 2020-02-07, appears unfixed crash in hcidump command line tool only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9800", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800"], "modified": "2016-12-03T00:00:00", "id": "UB:CVE-2016-9800", "href": "https://ubuntu.com/security/CVE-2016-9800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:23:33", "description": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T08:59:00", "type": "cve", "title": "CVE-2016-9918", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9918"], "modified": "2019-04-12T13:29:00", "cpe": ["cpe:/a:bluez_project:bluez:5.42"], "id": "CVE-2016-9918", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9918", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez_project:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:18", "description": "In BlueZ 5.42, a buffer overflow was observed in \"commands_dump\" function in \"tools/parser/csr.c\" source file. The issue exists because \"commands\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"frm->ptr\" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "cve", "title": "CVE-2016-9804", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9804"], "modified": "2016-12-07T19:29:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9804", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9804", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:33", "description": "In BlueZ 5.42, a buffer overflow was observed in \"read_n\" function in \"tools/hcidump.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-08T08:59:00", "type": "cve", "title": "CVE-2016-9917", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9917"], "modified": "2019-12-19T17:46:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9917", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:17", "description": "In BlueZ 5.42, a buffer overflow was observed in \"set_ext_ctrl\" function in \"tools/parser/l2cap.c\" source file when processing corrupted dump file.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "cve", "title": "CVE-2016-9801", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9801"], "modified": "2016-12-07T19:32:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9801", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9801", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:18", "description": "In BlueZ 5.42, a buffer over-read was identified in \"l2cap_packet\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "cve", "title": "CVE-2016-9802", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9802"], "modified": "2019-05-30T14:29:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9802", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9802", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:19", "description": "In BlueZ 5.42, a use-after-free was identified in \"conf_opt\" function in \"tools/parser/l2cap.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "cve", "title": "CVE-2016-9798", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9798"], "modified": "2019-05-30T14:29:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9798", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:17", "description": "In BlueZ 5.42, a buffer overflow was observed in \"pin_code_reply_dump\" function in \"tools/parser/hci.c\" source file. The issue exists because \"pin\" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame \"pin_code_reply_cp *cp\" parameter.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-03T06:59:00", "type": "cve", "title": "CVE-2016-9800", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9800"], "modified": "2016-12-07T19:32:00", "cpe": ["cpe:/a:bluez:bluez:5.42"], "id": "CVE-2016-9800", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*"]}], "avleonov": [{"lastseen": "2022-12-30T20:09:45", "description": "Hello everyone! Great news for my open source [Scanvus](<https://github.com/leonov-av/scanvus>) project! You can now perform vulnerability checks on Linux hosts and docker images not only using the [Vulners.com API](<https://vulners.com/docs/API_wrapper/linux_audit/>), but also with the [Vulns.io VM API](<https://vulns.io/>). It's especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this!\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239113>\n\n## How can the support of these two APIs in Scanvus be useful?\n\n 1. Now there is no binding to one vendor. Choose which service and price you prefer.\n 2. The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor.\n 3. Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible.\n 4. Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects.\n\n## How to use it?\n\nBasically, everything works exactly the same. You only need to specify the API you want to use in the -audit-service parameter. This can be "vulners" (default) or "vulnsio".\n\n### Localhost\n\nTo begin, I scanned my localhost. This is a completely updated Ubuntu host. Vulners and Vulns.io did not detect security bulletin vulnerabilities there. And this is correct.\n\nVulners did not detect any vulnerabilities at all.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 0 vulnerabilities were found\n \n\nAnd Vulns.io detected some vulnerabilities.\n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 3 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | 1 | Critical | no advisory | CVE-2021-21783 | apparmor-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2207 | libapparmor1-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12390 | libapparmor1-2.13.3-7ubuntu5.1.i386 >= 0:0.0.0 |\n | | | | CVE-2021-3773 | chromium-codecs-ffmpeg-extra-1:85.0.4183.83-0ubuntu0.20.04.2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-25236 | gstreamer1.0-libav-1.16.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-24791 | libqt5webengine-data-5.12.8+dfsg-0ubuntu1.1.all >= 0:0.0.0 |\n | | | | CVE-2019-15232 | libqt5webengine5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26972 | libqt5webenginecore5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12389 | libqt5webenginewidgets5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | firefox-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13576 | firefox-locale-en-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23852 | firefox-locale-ru-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1253 | thunderbird-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29462 | thunderbird-gnome-support-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-30475 | thunderbird-locale-en-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n ...\n \n\nWhy? Because Vulners and Vulns.io work differently. Vulners only detects vulnerabilities mentioned in bulletins, while Vulns.io also shows vulnerabilities for which there are no bulletins and patches that fix the vulnerability. Such vulnerabilities are grouped by severity with "no advisory" instead of a bulletin identifier. Whether you want to see vulnerabilities that you can't fix yet is up to you.\n\n### Linux host\n\nNext, I scanned a test upatched Debian 11 host.\n \n \n $ ssh-copy-id -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n $ ssh -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n\nIn this case, vulnerabilities related to security bulletins were detected. And there are not many of them, so the reports can be easily analyzed manually.\n \n \n $ python3.8 scanvus.py --audit-service \"vulners\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 3 vulnerabilities with levels ['High', 'Medium'] were found\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 1 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-19126 | libc6 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-25013 | locales 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-10029 | libc-l10n 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 2 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 3 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service \"vulnsio\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 7 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 1 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u4 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 2 | Critical | no advisory | CVE-2022-23303 | apparmor-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45952 | libapparmor1-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3491 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2020-27619 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43400 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29921 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-37454 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010022 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2005-2541 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-45957 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-46908 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-42377 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-46848 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2022-23304 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-8457 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2210 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1586 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45954 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2022-1587 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45953 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2016-1585 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45955 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45956 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45951 | |\n | | | | CVE-2015-20107 | |\n | | | | CVE-2022-2207 | |\n | | | | CVE-2022-0318 | |\n | | | | CVE-2022-1927 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 3 | High | DSA-5207-1 | CVE-2022-26373 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 < 0:5.10.136-1 |\n | | | | CVE-2022-2585 | |\n | | | | CVE-2022-23816 | |\n | | | | CVE-2022-2588 | |\n | | | | CVE-2022-29901 | |\n | | | | CVE-2022-36946 | |\n | | | | CVE-2022-2586 | |\n | | | | CVE-2022-29900 | |\n | | | | CVE-2022-36879 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 4 | High | DSA-5235-1 | CVE-2022-3080 | bind9-dnsutils-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38177 | bind9-host-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-2795 | bind9-libs-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38178 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 5 | High | no advisory | CVE-2022-1616 | bash-completion-1:2.11-2.all >= 0:0.0.0 |\n | | | | CVE-2022-31782 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-0361 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15778 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3534 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-28831 | cpio-2.13+dfsg-4.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43551 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0629 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2284 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4173 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0729 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-2206 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3903 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1733 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1851 | iptables-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19378 | libip4tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9918 | libip6tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42385 | libxtables12-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2581 | krb5-locales-1.18.3-6+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2021-42384 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42919 | libkrb5-3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3973 | libkrb5support0-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2129 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4136 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-15131 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3176 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2344 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-3697 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7246 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2020-26560 | libfreetype6-2.10.4+dfsg-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26559 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39686 | libjansson4-2.13.1-1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1247 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42382 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2017-17740 | libncurses6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36325 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2257 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1154 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2022-0392 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3297 | ncurses-term-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2021-4192 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2287 | libperl5.32-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0408 | perl-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2571 | perl-base-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0393 | perl-modules-5.32-5.32.1-4+deb11u2.all >= 0:0.0.0 |\n | | | | CVE-2022-1619 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7245 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2345 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1886 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4204 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0943 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2264 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0359 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0572 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0391 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0413 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3974 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1769 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42378 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0554 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2175 | python3-httplib2-0.18.1-3.all >= 0:0.0.0 |\n | | | | CVE-2022-0685 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2022-1621 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010023 | xdg-user-dirs-0.17-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2946 | |\n | | | | CVE-2018-20796 | |\n | | | | CVE-2021-38185 | |\n | | | | CVE-2018-6829 | |\n | | | | CVE-2022-3424 | |\n | | | | CVE-2021-21240 | |\n | | | | CVE-2022-1735 | |\n | | | | CVE-2022-0204 | |\n | | | | CVE-2019-9192 | |\n | | | | CVE-2016-9917 | |\n | | | | CVE-2022-2849 | |\n | | | | CVE-2022-2304 | |\n | | | | CVE-2022-0407 | |\n | | | | CVE-2021-3737 | |\n | | | | CVE-2022-2602 | |\n | | | | CVE-2022-1898 | |\n | | | | CVE-2022-2845 | |\n | | | | CVE-2022-0417 | |\n | | | | CVE-2022-1882 | |\n | | | | CVE-2013-7445 | |\n | | | | CVE-2019-20838 | |\n | | | | CVE-2021-42386 | |\n | | | | CVE-2022-2289 | |\n | | | | CVE-2022-1304 | |\n | | | | CVE-2022-2889 | |\n | | | | CVE-2022-1629 | |\n | | | | CVE-2021-41617 | |\n | | | | CVE-2022-2183 | |\n | | | | CVE-2022-0351 | |\n | | | | CVE-2020-11725 | |\n | | | | CVE-2021-4166 | |\n | | | | CVE-2022-2817 | |\n | | | | CVE-2020-26557 | |\n | | | | CVE-2022-29458 | |\n | | | | CVE-2021-3968 | |\n | | | | CVE-2022-25265 | |\n | | | | CVE-2019-19070 | |\n | | | | CVE-2021-4037 | |\n | | | | CVE-2019-12456 | |\n | | | | CVE-2019-19882 | |\n | | | | CVE-2021-33560 | |\n | | | | CVE-2022-2522 | |\n | | | | CVE-2022-2182 | |\n | | | | CVE-2012-2663 | |\n | | | | CVE-2022-1796 | |\n | | | | CVE-2022-2862 | |\n | | | | CVE-2022-2286 | |\n | | | | CVE-2020-16156 | |\n | | | | CVE-2022-1942 | |\n | | | | CVE-2022-1679 | |\n | | | | CVE-2021-26934 | |\n | | | | CVE-2018-1000500 | |\n | | | | CVE-2008-4609 | |\n | | | | CVE-2019-19449 | |\n | | | | CVE-2021-42381 | |\n | | | | CVE-2022-0368 | |\n | | | | CVE-2022-1720 | |\n | | | | CVE-2022-2125 | |\n | | | | CVE-2021-3847 | |\n | | | | CVE-2022-4139 | |\n | | | | CVE-2022-4378 | |\n | | | | CVE-2022-1620 | |\n | | | | CVE-2021-3872 | |\n | | | | CVE-2022-2126 | |\n | | | | CVE-2022-0934 | |\n | | | | CVE-2021-3928 | |\n | | | | CVE-2022-2000 | |\n | | | | CVE-2021-42383 | |\n | | | | CVE-2022-2816 | |\n | | | | CVE-2021-3984 | |\n | | | | CVE-2019-19814 | |\n | | | | CVE-2022-28733 | |\n | | | | CVE-2021-3927 | |\n | | | | CVE-2020-12362 | |\n | | | | CVE-2018-5709 | |\n | | | | CVE-2011-4116 | |\n | | | | CVE-2022-35737 | |\n | | | | CVE-2022-30065 | |\n | | | | CVE-2022-28734 | |\n | | | | CVE-2018-7738 | |\n | | | | CVE-2021-4187 | |\n | | | | CVE-2021-4069 | |\n | | | | CVE-2016-2568 | |\n | | | | CVE-2022-2343 | |\n | | | | CVE-2021-32078 | |\n | | | | CVE-2021-28861 | |\n | | | | CVE-2021-42380 | |\n | | | | CVE-2022-2819 | |\n | | | | CVE-2022-1785 | |\n | | | | CVE-2021-3864 | |\n | | | | CVE-2022-0443 | |\n | | | | CVE-2022-2124 | |\n | | | | CVE-2021-4019 | |\n | | | | CVE-2022-1968 | |\n | | | | CVE-2022-28391 | |\n | | | | CVE-2022-0500 | |\n | | | | CVE-2022-3775 | |\n | | | | CVE-2022-1897 | |\n | | | | CVE-2022-0261 | |\n | | | | CVE-2021-42379 | |\n | | | | CVE-2022-2285 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 6 | Medium | DSA-5251-1 | CVE-2022-2929 | isc-dhcp-client-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n | | | | CVE-2022-2928 | isc-dhcp-common-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 7 | Medium | no advisory | CVE-2019-12380 | avahi-autoipd-0.8-5.amd64 < 0:0.8-5+deb11u1 |\n | | | | CVE-2021-42376 | bash-5.1-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16234 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-3586 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5367 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1674 | bsdextrautils-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-31879 | bsdutils-1:2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-15919 | eject-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1771 | fdisk-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36516 | libblkid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1280 | libfdisk1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3669 | libmount1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-5321 | libsmartcols1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libuuid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15719 | mount-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42374 | util-linux-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-28736 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9804 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42375 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3696 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2018-17977 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-0156 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-3542 | initramfs-tools-0.140.all >= 0:0.0.0 |\n | | | | CVE-2016-9799 | initramfs-tools-core-0.140.all >= 0:0.0.0 |\n | | | | CVE-2011-3389 | krb5-locales-1.18.3-6+deb11u1.all < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-26555 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2019-16229 | libk5crypto3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-24504 | libkrb5-3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2017-16231 | libkrb5support0-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2021-4193 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2874 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-4542 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3715 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2016-9798 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-0347 | libexpat1-2.2.10-2+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-22923 | libglib2.0-0-2.66.8-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-14159 | libglib2.0-data-2.66.8-1.all >= 0:0.0.0 |\n | | | | CVE-2021-3468 | libgnutls30-3.7.1-5+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5366 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-0039 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2020-14145 | libnss-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | libpam-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libsystemd0-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-44879 | libudev1-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3502 | systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4095 | systemd-sysv-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1420 | systemd-timesyncd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-3709 | udev-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-15794 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0213 | libpng16-16-1.6.37-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42328 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42329 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3276 | libprotobuf-c1-1.3.3-1+b2.amd64 >= 0:0.0.0 |\n | | | | CVE-2011-4917 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4189 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16233 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2231 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4214 | libssl1.1-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2014-9892 | openssl-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4677 | libxml2-2.9.10+dfsg-6.7+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4996 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12364 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2598 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-1000382 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3426 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2097 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-13084 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5135 | os-prober-1.79.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9803 | ppp-2.4.9-1+1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3243 | rsyslog-8.2102.0-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-0630 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2007-2768 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45941 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-10723 | wget-1.21-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3857 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3658 | |\n | | | | CVE-2020-26142 | |\n | | | | CVE-2022-2208 | |\n | | | | CVE-2022-2873 | |\n | | | | CVE-2021-45346 | |\n | | | | CVE-2022-4662 | |\n | | | | CVE-2022-0714 | |\n | | | | CVE-2021-4023 | |\n | | | | CVE-2007-5686 | |\n | | | | CVE-2019-6129 | |\n | | | | CVE-2022-3061 | |\n | | | | CVE-2022-0171 | |\n | | | | CVE-2020-12363 | |\n | | | | CVE-2022-33070 | |\n | | | | CVE-2017-13694 | |\n | | | | CVE-2021-3714 | |\n | | | | CVE-2022-1184 | |\n | | | | CVE-2020-26143 | |\n | | | | CVE-2019-1010025 | |\n | | | | CVE-2020-13529 | |\n | | | | CVE-2019-16089 | |\n | | | | CVE-2022-0563 | |\n | | | | CVE-2019-15213 | |\n | | | | CVE-2019-12379 | |\n | | | | CVE-2014-9900 | |\n | | | | CVE-2022-2923 | |\n | | | | CVE-2019-5062 | |\n | | | | CVE-2021-30004 | |\n | | | | CVE-2016-9797 | |\n | | | | CVE-2016-9801 | |\n | | | | CVE-2017-13693 | |\n | | | | CVE-2007-2243 | |\n | | | | CVE-2019-6110 | |\n | | | | CVE-2022-0696 | |\n | | | | CVE-2019-12381 | |\n | | | | CVE-2021-4115 | |\n | | | | CVE-2019-16231 | |\n | | | | CVE-2019-12382 | |\n | | | | CVE-2022-3344 | |\n | | | | CVE-2020-14304 | |\n | | | | CVE-2022-23825 | |\n | | | | CVE-2019-12455 | |\n | | | | CVE-2004-0230 | |\n | | | | CVE-2022-3707 | |\n | | | | CVE-2019-16230 | |\n | | | | CVE-2019-1010024 | |\n | | | | CVE-2020-26140 | |\n | | | | CVE-2016-20012 | |\n | | | | CVE-2021-22922 | |\n | | | | CVE-2021-3759 | |\n | | | | CVE-2022-0480 | |\n | | | | CVE-2011-4916 | |\n | | | | CVE-2005-3660 | |\n | | | | CVE-2010-4563 | |\n | | | | CVE-2016-8660 | |\n | | | | CVE-2008-3234 | |\n | | | | CVE-2013-0340 | |\n | | | | CVE-2019-20794 | |\n | | | | CVE-2016-2781 | |\n | | | | CVE-2019-16232 | |\n | | | | CVE-2021-33061 | |\n | | | | CVE-2022-3628 | |\n | | | | CVE-2018-12928 | |\n | | | | CVE-2022-28735 | |\n | | | | CVE-2018-1121 | |\n | | | | CVE-2022-1462 | |\n | | | | CVE-2022-43552 | |\n | | | | CVE-2016-9800 | |\n | | | | CVE-2019-12378 | |\n | | | | CVE-2021-4149 | |\n | | | | CVE-2011-4915 | |\n | | | | CVE-2020-15802 | |\n | | | | CVE-2021-45940 | |\n | | | | CVE-2022-2153 | |\n | | | | CVE-2022-4543 | |\n | | | | CVE-2021-41229 | |\n | | | | CVE-2008-2544 | |\n | | | | CVE-2016-9802 | |\n | | | | CVE-2022-3606 | |\n | | | | CVE-2022-0400 | |\n | | | | CVE-2022-0319 | |\n | | | | CVE-2022-21505 | |\n | | | | CVE-2021-3733 | |\n | | | | CVE-2021-42373 | |\n | | | | CVE-2021-3695 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n \n\nAnd we can see that the APIs returned different detection results for the DSA/DLA bulletins. The intersection of the sets is empty.\n \n \n **Vulners \u2216 VulnsIO:** 3 {'DLA-3206-1', 'DSA-5287-1', 'DLA-3152-1'}\n **Vulners \u2229 VulnsIO:** 0 set()\n **VulnsIO \u2216 Vulners:** 4 {'DSA-5207-1', 'DSA-5235-1', 'DSA-5236-1', 'DSA-5251-1'}\n\nAt the same time, proofs look convincing at first glance. In this episode, I won't go into why there is such a difference in Debian vulnerability detection results. Perhaps the answer is in the operation of the API, and perhaps in the collection of data from the host. I think we will solve this with colleagues from Vulners and Vulns.io. I'm just pointing out again that vulnerability detection is not that easy and it's good when you can use several independent detection engines and compare the results.\n\n### Docker image \n\nNext, I check the vulnerabilities for the Docker image. It is also based on Debian 11.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 22 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 1 | Critical | DEBIAN:DLA-2904-1:6B1FD | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 2 | Critical | DEBIAN:DLA-3008-1:E2717 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 3 | Critical | DEBIAN:DSA-5073-1:5DBA9 | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 4 | Critical | DEBIAN:DSA-5139-1:0E208 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 5 | Critical | DEBIAN:DSA-5169-1:87483 | CVE-2022-2068 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 6 | High | DEBIAN:DLA-2935-1:EEAAD | CVE-2022-23852 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 7 | High | DEBIAN:DLA-3022-1:26EFE | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 8 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-19126 | libc6 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-25013 | |\n | | | | CVE-2020-10029 | |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 9 | High | DEBIAN:DSA-4963-1:90BFC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 10 | High | DEBIAN:DSA-4963-1:DA7BC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 11 | High | DEBIAN:DSA-5085-1:EC5E7 | CVE-2022-25235 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u2 |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 12 | High | DEBIAN:DSA-5085-2:292DA | CVE-2022-25236 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 14 | Medium | DEBIAN:DLA-2766-1:9EFDC | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 15 | Medium | DEBIAN:DLA-2771-1:D1964 | CVE-2018-20217 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5729 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5730 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2021-37750 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 16 | Medium | DEBIAN:DLA-2774-1:D8CE0 | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 17 | Medium | DEBIAN:DLA-2952-1:7651B | CVE-2019-1551 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 18 | Medium | DEBIAN:DLA-2953-1:551CB | CVE-2022-0778 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 19 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 20 | Medium | DEBIAN:DSA-5103-1:C47DD | CVE-2021-4160 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 21 | Medium | DEBIAN:DSA-5174-1:32717 | CVE-2022-34903 | gpgv 2.2.27-2 amd64 < 2.2.27-2+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 22 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\" \n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 19 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 1 | Critical | DSA-4963-1 | CVE-2021-3711 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 2 | Critical | DSA-5073-1 | CVE-2022-23852 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u1 |\n | | | | CVE-2022-23990 | |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2021-45960 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22826 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 3 | Critical | DSA-5085-1 | CVE-2022-25236 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u2 |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25315 | |\n | | | | CVE-2022-25313 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 4 | Critical | DSA-5139-1 | CVE-2022-1292 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 6 | Critical | DSA-5169-1 | CVE-2022-2068 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 7 | Critical | DSA-5218-1 | CVE-2022-37434 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 8 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u4 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 9 | Critical | no advisory | CVE-2022-23218 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-46908 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2019-1010022 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23219 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2019-8457 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33574 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2005-2541 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1587 | |\n | | | | CVE-2022-1586 | |\n | | | | CVE-2021-46848 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 10 | High | DSA-5103-1 | CVE-2022-0778 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n | | | | CVE-2021-4160 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 11 | High | DSA-5111-1 | CVE-2018-25032 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 12 | High | DSA-5122-1 | CVE-2022-1271 | gzip-1.10-4.amd64 < 0:1.10-4+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 13 | High | DSA-5123-1 | CVE-2022-1271 | liblzma5-5.2.5-2.amd64 < 0:5.2.5-2.1~deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 14 | High | DSA-5200-1 | CVE-2021-46828 | libtirpc-common-1.3.1-1.all < 0:1.3.1-1+deb11u1 |\n | | | | | libtirpc3-1.3.1-1.amd64 < 0:1.3.1-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 15 | High | DSA-5203-1 | CVE-2022-2509 | libgnutls30-3.7.1-5.amd64 < 0:3.7.1-5+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 16 | High | no advisory | CVE-2022-29458 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-6829 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43618 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-20838 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19882 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2011-4116 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-1304 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2017-7246 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-20796 | libgmp10-2:6.2.1+dfsg-1.amd64 < 2:6.2.1+dfsg-1+deb11u1 |\n | | | | CVE-2019-1010023 | libgssapi-krb5-2-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-16156 | libkrb5-3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | libkrb5support0-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-5709 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-9192 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2017-7245 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-35737 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43396 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33560 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | perl-base-5.32.1-4+deb11u1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 17 | Medium | DSA-5055-1 | CVE-2021-3996 | bsdutils-1:2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | CVE-2021-3995 | libblkid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libmount1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libsmartcols1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libuuid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | mount-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | util-linux-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 18 | Medium | DSA-5174-1 | CVE-2022-34903 | gpgv-2.2.27-2.amd64 < 0:2.2.27-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 19 | Medium | no advisory | CVE-2022-2097 | bash-5.1-2+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | bsdutils-1:2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010024 | libblkid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | libmount1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4209 | libsmartcols1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-2781 | libuuid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-16231 | mount-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | util-linux-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45346 | libc-bin-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-37750 | libc6-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libexpat1-2.2.10-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libgnutls30-3.7.1-5.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-0340 | libgssapi-krb5-2-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2021-3997 | libk5crypto3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2011-3389 | libkrb5-3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-3715 | libkrb5support0-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-0563 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13529 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libssl1.1-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010025 | openssl-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-5686 | libsystemd0-247.3-6.amd64 < 0:247.3-7 |\n | | | | | libudev1-247.3-6.amd64 < 0:247.3-7 |\n | | | | | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n \n\nIn this case, more vulnerabilities were detected. We can also see a big difference in the results, but there is already some intersection of the sets.\n \n \n **Vulners \u2216 VulnsIO:** 13 {'DSA-5287-1', 'DLA-2771-1', 'DLA-2904-1', 'DLA-3022-1', 'DLA-3206-1', 'DLA-2766-1', 'DLA-2935-1', 'DLA-2774-1', 'DLA-3008-1', 'DLA-3152-1', 'DLA-2953-1', 'DSA-5085-2', 'DLA-2952-1'}\n **Vulners \u2229 VulnsIO:** 8 {'DSA-5147-1', 'DSA-5073-1', 'DSA-5174-1', 'DSA-4963-1', 'DSA-5169-1', 'DSA-5139-1', 'DSA-5085-1', 'DSA-5103-1'}\n **VulnsIO \u2216 Vulners:** 8 {'DSA-5111-1', 'DSA-5055-1', 'DSA-5123-1', 'DSA-5122-1', 'DSA-5236-1', 'DSA-5203-1', 'DSA-5218-1', 'DSA-5200-1'}\n\nWe can look at one bulletin that was detected by two APIs.\n\nVulners:\n \n \n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n\nVulns.io:\n \n \n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n\nAs you can see from the proofs, the detection criteria are the same. And this is good. I would also like to draw attention to the different values of the criticality level for the bulletin. [Debian does not provide](<https://www.debian.org/security/2022/dsa-5147>) a this criticality level, apparently it is calculated by the vendors based on CVSS, but in different ways. \n\n## What's next?\n\nAs we can see, support for the Vulners.com and Vulns.io APIs in Scanvus opens up new opportunities for testing the correctness of the detection for all supported Linux distributions.\n\nCurrently, support for the Vulners.com API and support for the Vulns.io API are implemented equally, but they are implemented independently. The bash inventory scripts for each of the APIs are different. Two independent reporting functions are also used. It seems right to **unify the inventory script** so that the same inventory results can be checked with Vulners.com and Vulns.io. It also seems right to create a **single format for presenting detection results** and convert raw results from APIs into this format. This format could be used for reporting and further integrations. In this way, it will be possible to debug the scheme for adding new APIs to Scanvus.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-12-30T18:03:13", "type": "avleonov", "title": "Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0230", "CVE-2005-2541", "CVE-2005-3660", "CVE-2007-2243", "CVE-2007-2768", "CVE-2007-5686", "CVE-2007-6755", "CVE-2008-2544", "CVE-2008-3234", "CVE-2008-4609", "CVE-2008-4677", "CVE-2008-4996", "CVE-2008-5135", "CVE-2008-5366", "CVE-2008-5367", "CVE-2010-0928", "CVE-2010-4563", "CVE-2010-4756", "CVE-2010-5321", "CVE-2011-3389", "CVE-2011-4116", "CVE-2011-4915", "CVE-2011-4916", "CVE-2011-4917", "CVE-2012-0039", "CVE-2012-2663", "CVE-2012-4542", "CVE-2013-0340", "CVE-2013-4235", "CVE-2013-7445", "CVE-2014-9892", "CVE-2014-9900", "CVE-2015-20107", "CVE-2015-3243", "CVE-2015-3276", "CVE-2016-10228", "CVE-2016-10723", "CVE-2016-1585", "CVE-2016-20012", "CVE-2016-2568", "CVE-2016-2781", "CVE-2016-3709", "CVE-2016-8660", "CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9799", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9803", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918", "CVE-2017-0630", "CVE-2017-1000382", "CVE-2017-11164", "CVE-2017-13084", "CVE-2017-13693", "CVE-2017-13694", "CVE-2017-14159", "CVE-2017-15131", "CVE-2017-16231", "CVE-2017-17740", "CVE-2017-18018", "CVE-2017-7245", "CVE-2017-7246", "CVE-2018-1000500", "CVE-2018-1121", "CVE-2018-12928", "CVE-2018-15919", "CVE-2018-17977", "CVE-2018-20217", "CVE-2018-20796", "CVE-2018-25032", "CVE-2018-5709", "CVE-2018-5729", "CVE-2018-5730", "CVE-2018-6829", "CVE-2018-7738", "CVE-2019-1010022", "CVE-2019-1010023", "CVE-2019-1010024", "CVE-2019-1010025", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12455", "CVE-2019-12456", "CVE-2019-14870", "CVE-2019-15213", "CVE-2019-15232", "CVE-2019-1551", "CVE-2019-15794", "CVE-2019-16089", "CVE-2019-16229", "CVE-2019-16230", "CVE-2019-16231", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-19070", "CVE-2019-19126", "CVE-2019-19378", "CVE-2019-19449", "CVE-2019-19814", "CVE-2019-19882", "CVE-2019-20794", "CVE-2019-20838", "CVE-2019-25013", "CVE-2019-5062", "CVE-2019-6110", "CVE-2019-6129", "CVE-2019-8457", "CVE-2019-9192", "CVE-2020-0347", "CVE-2020-10029", "CVE-2020-11725", "CVE-2020-12362", "CVE-2020-12363", "CVE-2020-12364", "CVE-2020-12389", "CVE-2020-12390", "CVE-2020-13529", "CVE-2020-13576", "CVE-2020-14145", "CVE-2020-14304", "CVE-2020-15719", "CVE-2020-15778", "CVE-2020-15802", "CVE-2020-16156", "CVE-2020-1752", "CVE-2020-24504", "CVE-2020-26140", "CVE-2020-26142", "CVE-2020-26143", "CVE-2020-26555", "CVE-2020-26557", "CVE-2020-26559", "CVE-2020-26560", "CVE-2020-26972", "CVE-2020-27618", "CVE-2020-27619", "CVE-2020-36325", "CVE-2020-36516", "CVE-2020-6096", "CVE-2021-21240", "CVE-2021-21783", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-26934", "CVE-2021-27645", "CVE-2021-28831", "CVE-2021-28861", "CVE-2021-29462", "CVE-2021-29921", "CVE-2021-30004", "CVE-2021-30475", "CVE-2021-31879", "CVE-2021-32078", "CVE-2021-33061", "CVE-2021-3326", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3468", "CVE-2021-3502", "CVE-2021-35942", "CVE-2021-3658", "CVE-2021-3669", "CVE-2021-36690", "CVE-2021-3671", "CVE-2021-3695", "CVE-2021-3696", "CVE-2021-3697", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-3714", "CVE-2021-3733", "CVE-2021-3737", "CVE-2021-3759", "CVE-2021-3773", "CVE-2021-37750", "CVE-2021-38185", "CVE-2021-3847", "CVE-2021-3864", "CVE-2021-3872", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-39537", "CVE-2021-3968", "CVE-2021-39686", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-3995", "CVE-2021-3996", "CVE-2021-3997", "CVE-2021-3999", "CVE-2021-4019", "CVE-2021-4023", "CVE-2021-4037", "CVE-2021-4069", "CVE-2021-4115", "CVE-2021-41229", "CVE-2021-4136", "CVE-2021-4149", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4189", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-4204", "CVE-2021-4209", "CVE-2021-4214", "CVE-2021-42373", "CVE-2021-42374", "CVE-2021-42375", "CVE-2021-42376", "CVE-2021-42377", "CVE-2021-42378", "CVE-2021-42379", "CVE-2021-42380", "CVE-2021-42381", "CVE-2021-42382", "CVE-2021-42383", "CVE-2021-42384", "CVE-2021-42385", "CVE-2021-42386", "CVE-2021-43396", "CVE-2021-43400", "CVE-2021-43618", "CVE-2021-44758", "CVE-2021-44879", "CVE-2021-45346", "CVE-2021-45940", "CVE-2021-45941", "CVE-2021-45951", "CVE-2021-45952", "CVE-2021-45953", "CVE-2021-45954", "CVE-2021-45955", "CVE-2021-45956", "CVE-2021-45957", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46828", "CVE-2021-46848", "CVE-2022-0156", "CVE-2022-0171", "CVE-2022-0204", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0391", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0400", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0480", "CVE-2022-0500", "CVE-2022-0554", "CVE-2022-0563", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0778", "CVE-2022-0934", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1184", "CVE-2022-1247", "CVE-2022-1253", "CVE-2022-1271", "CVE-2022-1280", "CVE-2022-1292", "CVE-2022-1304", "CVE-2022-1420", "CVE-2022-1462", "CVE-2022-1586", "CVE-2022-1587", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1664", "CVE-2022-1674", "CVE-2022-1679", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1882", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-21505", "CVE-2022-2153", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-23218", "CVE-2022-23219", "CVE-2022-23303", "CVE-2022-23304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-23816", "CVE-2022-23825", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-24791", "CVE-2022-2509", "CVE-2022-2522", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25265", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315", "CVE-2022-2571", "CVE-2022-2581", "CVE-2022-2585", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-2598", "CVE-2022-2602", "CVE-2022-26373", "CVE-2022-2795", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-28391", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2873", "CVE-2022-28733", "CVE-2022-28734", "CVE-2022-28735", "CVE-2022-28736", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2928", "CVE-2022-2929", "CVE-2022-29458", "CVE-2022-2946", "CVE-2022-29900", "CVE-2022-29901", "CVE-2022-30065", "CVE-2022-3061", "CVE-2022-3080", "CVE-2022-3176", "CVE-2022-31782", "CVE-2022-3297", "CVE-2022-33070", "CVE-2022-3344", "CVE-2022-3424", "CVE-2022-3437", "CVE-2022-34903", "CVE-2022-3491", "CVE-2022-3534", "CVE-2022-3542", "CVE-2022-35737", "CVE-2022-3586", "CVE-2022-3606", "CVE-2022-3628", "CVE-2022-36879", "CVE-2022-36946", "CVE-2022-3707", "CVE-2022-3715", "CVE-2022-37434", "CVE-2022-37454", "CVE-2022-3775", "CVE-2022-38177", "CVE-2022-38178", "CVE-2022-3857", "CVE-2022-40674", "CVE-2022-4095", "CVE-2022-4139", "CVE-2022-41916", "CVE-2022-42328", "CVE-2022-42329", "CVE-2022-42898", "CVE-2022-42919", "CVE-2022-43551", "CVE-2022-43552", "CVE-2022-43680", "CVE-2022-4378", "CVE-2022-4415", "CVE-2022-44640", "CVE-2022-4543", "CVE-2022-4662", "CVE-2022-46908"], "modified": "2022-12-30T18:03:13", "id": "AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987", "href": "https://avleonov.com/2022/12/30/scanvus-now-supports-vulners-and-vulns-io-vm-linux-vulnerability-detection-apis/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}

EulerOS Virtualization 3.0.2.2 : bluez (EulerOS-SA-2021-2129)

Description

Related