ID FEDORA_2008-0199.NASLType nessusReporter TenableModified 2018-11-28T00:00:00
Description
Fixes AST-2008-001. See :
http://downloads.digium.com/pub/security/AST-2008-001.html
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2008-0199.
#
include("compat.inc");
if (description)
{
script_id(29848);
script_version ("1.13");
script_cvs_date("Date: 2018/11/28 22:47:42");
script_cve_id("CVE-2008-0095");
script_bugtraq_id(27110);
script_xref(name:"FEDORA", value:"2008-0199");
script_name(english:"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Fixes AST-2008-001. See :
http://downloads.digium.com/pub/security/AST-2008-001.html
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
# http://downloads.digium.com/pub/security/AST-2008-001.html
script_set_attribute(
attribute:"see_also",
value:"https://downloads.digium.com/pub/security/AST-2008-001.html"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?e16e9ca9"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-alsa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-conference");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-fax");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-festival");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-jabber");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-misdn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-mobile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-oss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-radius");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-skinny");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-tds");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8");
script_set_attribute(attribute:"patch_publication_date", value:"2008/01/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/01/04");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC8", reference:"asterisk-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-alsa-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-conference-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-curl-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-debuginfo-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-devel-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-fax-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-festival-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-firmware-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-jabber-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-misdn-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-mobile-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-odbc-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-oss-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-postgresql-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-radius-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-skinny-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-snmp-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-tds-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-voicemail-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-voicemail-imap-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-voicemail-odbc-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-voicemail-plain-1.4.17-1.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"asterisk-zaptel-1.4.17-1.fc8")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc");
}
{"id": "FEDORA_2008-0199.NASL", "bulletinFamily": "scanner", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2008-01-04T00:00:00", "modified": "2018-11-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "reporter": "Tenable", "references": ["http://www.nessus.org/u?e16e9ca9", "https://downloads.digium.com/pub/security/AST-2008-001.html"], "cvelist": ["CVE-2008-0095"], "type": "nessus", "lastseen": "2018-11-29T19:21:05", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"], "cvelist": ["CVE-2008-0095"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "e4a1d262d90c5ec4076d55ac8b703b12cacb8ded0cdb1eaf7aa784df09c2101e", "hashmap": [{"hash": "68547947a6c7aaa0365440a64f4d7f5f", "key": "cvelist"}, {"hash": "085cf2a6873a7986db74ba26e9dcedff", "key": "references"}, {"hash": "e1b41c140e717e2473c9321a0f964777", "key": "title"}, {"hash": "b3e9fe5973d6cbbd68c0c60557d18139", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0f42470855166a34f92474915dc63933", "key": "published"}, {"hash": "75ea6e6ac556322693c480e6f9548921", "key": "href"}, {"hash": "c3d0e36683c61cb59802cd124a70b65c", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "55c15b2ee014f410bc35a2ea45f82539", "key": "modified"}, {"hash": "2d4b4b773cf2fad27114b42dc0886e8e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "id": "FEDORA_2008-0199.NASL", "lastseen": "2018-08-30T19:34:11", "modified": "2015-10-21T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "29848", "published": "2008-01-04T00:00:00", "references": ["http://www.nessus.org/u?e16e9ca9", "http://downloads.digium.com/pub/security/AST-2008-001.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:03 $\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:34:11"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"], "cvelist": ["CVE-2008-0095"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f464388c23d6ed8ccd8ce2d34cfffad6a7316b3622cb1dce6c1c21044007209d", "hashmap": [{"hash": "68547947a6c7aaa0365440a64f4d7f5f", "key": "cvelist"}, {"hash": "085cf2a6873a7986db74ba26e9dcedff", "key": "references"}, {"hash": "e1b41c140e717e2473c9321a0f964777", "key": "title"}, {"hash": "b3e9fe5973d6cbbd68c0c60557d18139", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0f42470855166a34f92474915dc63933", "key": "published"}, {"hash": "75ea6e6ac556322693c480e6f9548921", "key": "href"}, {"hash": "c3d0e36683c61cb59802cd124a70b65c", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "55c15b2ee014f410bc35a2ea45f82539", "key": "modified"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "2d4b4b773cf2fad27114b42dc0886e8e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "id": "FEDORA_2008-0199.NASL", "lastseen": "2017-10-29T13:35:18", "modified": "2015-10-21T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "29848", "published": "2008-01-04T00:00:00", "references": ["http://www.nessus.org/u?e16e9ca9", "http://downloads.digium.com/pub/security/AST-2008-001.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:03 $\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:35:18"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"], "cvelist": ["CVE-2008-0095"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "0a250e30d2fc836f7313823296074ef99ef2cd855df561705c84cab9df5411e1", "hashmap": [{"hash": "68547947a6c7aaa0365440a64f4d7f5f", "key": "cvelist"}, {"hash": "e1b41c140e717e2473c9321a0f964777", "key": "title"}, {"hash": "b3e9fe5973d6cbbd68c0c60557d18139", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e145933baf60ff34e77ad35c77d74478", "key": "modified"}, {"hash": "0f42470855166a34f92474915dc63933", "key": "published"}, {"hash": "75ea6e6ac556322693c480e6f9548921", "key": "href"}, {"hash": "8deb1f9cafaaa2d2d610466294f4fb0f", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "f45d33c8554acf1481c5da8be8f14eba", "key": "references"}, {"hash": "2d4b4b773cf2fad27114b42dc0886e8e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "id": "FEDORA_2008-0199.NASL", "lastseen": "2018-11-21T05:39:23", "modified": "2018-11-20T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "29848", "published": "2008-01-04T00:00:00", "references": ["http://www.nessus.org/u?e16e9ca9", "https://downloads.digium.com/pub/security/AST-2008-001.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2018/11/20 11:04:16\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://downloads.digium.com/pub/security/AST-2008-001.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-11-21T05:39:23"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2008-0095"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "4f132e34ffb0313d3a0697848fb4d6e0efffeb4465637cac815b46abba38c67b", "hashmap": [{"hash": "68547947a6c7aaa0365440a64f4d7f5f", "key": "cvelist"}, {"hash": "085cf2a6873a7986db74ba26e9dcedff", "key": "references"}, {"hash": "e1b41c140e717e2473c9321a0f964777", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0f42470855166a34f92474915dc63933", "key": "published"}, {"hash": "75ea6e6ac556322693c480e6f9548921", "key": "href"}, {"hash": "c3d0e36683c61cb59802cd124a70b65c", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "55c15b2ee014f410bc35a2ea45f82539", "key": "modified"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "2d4b4b773cf2fad27114b42dc0886e8e", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "id": "FEDORA_2008-0199.NASL", "lastseen": "2016-09-26T17:23:45", "modified": "2015-10-21T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.2", "pluginID": "29848", "published": "2008-01-04T00:00:00", "references": ["http://www.nessus.org/u?e16e9ca9", "http://downloads.digium.com/pub/security/AST-2008-001.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:03 $\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:45"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"], "cvelist": ["CVE-2008-0095"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f464388c23d6ed8ccd8ce2d34cfffad6a7316b3622cb1dce6c1c21044007209d", "hashmap": [{"hash": "68547947a6c7aaa0365440a64f4d7f5f", "key": "cvelist"}, {"hash": "085cf2a6873a7986db74ba26e9dcedff", "key": "references"}, {"hash": "e1b41c140e717e2473c9321a0f964777", "key": "title"}, {"hash": "b3e9fe5973d6cbbd68c0c60557d18139", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0f42470855166a34f92474915dc63933", "key": "published"}, {"hash": "75ea6e6ac556322693c480e6f9548921", "key": "href"}, {"hash": "c3d0e36683c61cb59802cd124a70b65c", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0", "key": "pluginID"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "55c15b2ee014f410bc35a2ea45f82539", "key": "modified"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "2d4b4b773cf2fad27114b42dc0886e8e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=29848", "id": "FEDORA_2008-0199.NASL", "lastseen": "2018-09-01T23:37:36", "modified": "2015-10-21T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "29848", "published": "2008-01-04T00:00:00", "references": ["http://www.nessus.org/u?e16e9ca9", "http://downloads.digium.com/pub/security/AST-2008-001.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:03 $\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "title": "Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:37:36"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "b3e9fe5973d6cbbd68c0c60557d18139"}, {"key": "cvelist", "hash": "68547947a6c7aaa0365440a64f4d7f5f"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "2d4b4b773cf2fad27114b42dc0886e8e"}, {"key": "href", "hash": "75ea6e6ac556322693c480e6f9548921"}, {"key": "modified", "hash": "460b12446c99e9f96de9e7fe92f5d167"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "6ab2ef9e3a9f4ed96fb1b77191e612d0"}, {"key": "published", "hash": "0f42470855166a34f92474915dc63933"}, {"key": "references", "hash": "f45d33c8554acf1481c5da8be8f14eba"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "075c4123d1ac610ca0d994107686bc9f"}, {"key": "title", "hash": "e1b41c140e717e2473c9321a0f964777"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "56af91c9811f160d710a0c67fbbe679e19eac2773b4a78edb865566c436da797", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0199.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29848);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_bugtraq_id(27110);\n script_xref(name:\"FEDORA\", value:\"2008-0199\");\n\n script_name(english:\"Fedora 8 : asterisk-1.4.17-1.fc8 (2008-0199)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://downloads.digium.com/pub/security/AST-2008-001.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16e9ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-alsa-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-conference-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-curl-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-debuginfo-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-devel-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-fax-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-festival-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-firmware-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-jabber-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-misdn-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-mobile-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-oss-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-postgresql-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-radius-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-skinny-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-snmp-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-tds-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"asterisk-zaptel-1.4.17-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "29848", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"]}
{"cve": [{"lastseen": "2018-10-16T10:52:02", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/39361", "http://securityreason.com/securityalert/3520", "http://www.securityfocus.com/archive/1/485727/100/0/threaded", "http://www.vupen.com/english/advisories/2008/0019", "http://bugs.digium.com/view.php?id=11637", "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html", "http://www.securitytracker.com/id?1019152", "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html", "http://www.securityfocus.com/bid/27110", "http://downloads.digium.com/pub/security/AST-2008-001.html"], "description": "The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.", "edition": 3, "reporter": "NVD", "published": "2008-01-07T21:46:00", "title": "CVE-2008-0095", "type": "cve", "enchantments": {"score": {"modified": "2018-10-16T10:52:02", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-0095"], "scanner": [], "modified": "2018-10-15T17:57:47", "cpe": ["cpe:/a:asterisk:open_source:1.4.16", "cpe:/a:asterisk:asterisknow:beta_6", "cpe:/a:asterisk:s800i:1.0.3.3", "cpe:/a:asterisk:asterisk_appliance_developer_kit:1.4_revision_95945", "cpe:/a:asterisk:asterisk_business_edition:c.1.0beta7"], "id": "CVE-2008-0095", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0095", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-25T10:57:06", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html", "2008-0198"], "pluginID": "860433", "description": "Check for the Version of asterisk", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-17T00:00:00", "title": "Fedora Update for asterisk FEDORA-2008-0198", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0095"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860433", "id": "OPENVAS:860433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2008-0198\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 7\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html\");\n script_id(860433);\n script_cve_id(\"CVE-2008-0095\");\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:12:43 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-0198\");\n script_name( \"Fedora Update for asterisk FEDORA-2008-0198\");\n\n script_summary(\"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-debuginfo\", rpm:\"asterisk-debuginfo~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-zaptel\", rpm:\"asterisk-zaptel~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-plain\", rpm:\"asterisk-voicemail-plain~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-odbc\", rpm:\"asterisk-voicemail-odbc~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-imap\", rpm:\"asterisk-voicemail-imap~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail\", rpm:\"asterisk-voicemail~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-tds\", rpm:\"asterisk-tds~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-snmp\", rpm:\"asterisk-snmp~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-skinny\", rpm:\"asterisk-skinny~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-radius\", rpm:\"asterisk-radius~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-postgresql\", rpm:\"asterisk-postgresql~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-oss\", rpm:\"asterisk-oss~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-odbc\", rpm:\"asterisk-odbc~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-mobile\", rpm:\"asterisk-mobile~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-misdn\", rpm:\"asterisk-misdn~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-jabber\", rpm:\"asterisk-jabber~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-firmware\", rpm:\"asterisk-firmware~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-festival\", rpm:\"asterisk-festival~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-fax\", rpm:\"asterisk-fax~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-devel\", rpm:\"asterisk-devel~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-curl\", rpm:\"asterisk-curl~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-conference\", rpm:\"asterisk-conference~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-alsa\", rpm:\"asterisk-alsa~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-alsa\", rpm:\"asterisk-alsa~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-debuginfo\", rpm:\"asterisk-debuginfo~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-oss\", rpm:\"asterisk-oss~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-zaptel\", rpm:\"asterisk-zaptel~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail\", rpm:\"asterisk-voicemail~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-plain\", rpm:\"asterisk-voicemail-plain~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-skinny\", rpm:\"asterisk-skinny~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-jabber\", rpm:\"asterisk-jabber~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-tds\", rpm:\"asterisk-tds~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-mobile\", rpm:\"asterisk-mobile~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-snmp\", rpm:\"asterisk-snmp~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-fax\", rpm:\"asterisk-fax~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-odbc\", rpm:\"asterisk-voicemail-odbc~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-odbc\", rpm:\"asterisk-odbc~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-festival\", rpm:\"asterisk-festival~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-conference\", rpm:\"asterisk-conference~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-misdn\", rpm:\"asterisk-misdn~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-radius\", rpm:\"asterisk-radius~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-curl\", rpm:\"asterisk-curl~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-firmware\", rpm:\"asterisk-firmware~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-imap\", rpm:\"asterisk-voicemail-imap~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-postgresql\", rpm:\"asterisk-postgresql~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-devel\", rpm:\"asterisk-devel~1.4.17~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:54", "references": ["2008-0199", "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"], "pluginID": "860909", "description": "Check for the Version of asterisk", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for asterisk FEDORA-2008-0199", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0095"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860909", "id": "OPENVAS:860909", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2008-0199\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 8\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html\");\n script_id(860909);\n script_cve_id(\"CVE-2008-0095\");\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:12:43 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-0199\");\n script_name( \"Fedora Update for asterisk FEDORA-2008-0199\");\n\n script_summary(\"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-skinny\", rpm:\"asterisk-skinny~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-curl\", rpm:\"asterisk-curl~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-conference\", rpm:\"asterisk-conference~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-odbc\", rpm:\"asterisk-odbc~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-snmp\", rpm:\"asterisk-snmp~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-odbc\", rpm:\"asterisk-voicemail-odbc~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-tds\", rpm:\"asterisk-tds~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-imap\", rpm:\"asterisk-voicemail-imap~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-fax\", rpm:\"asterisk-fax~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-zaptel\", rpm:\"asterisk-zaptel~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-misdn\", rpm:\"asterisk-misdn~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-plain\", rpm:\"asterisk-voicemail-plain~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-alsa\", rpm:\"asterisk-alsa~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-devel\", rpm:\"asterisk-devel~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-firmware\", rpm:\"asterisk-firmware~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-oss\", rpm:\"asterisk-oss~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-mobile\", rpm:\"asterisk-mobile~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-radius\", rpm:\"asterisk-radius~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-jabber\", rpm:\"asterisk-jabber~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-postgresql\", rpm:\"asterisk-postgresql~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-debuginfo\", rpm:\"asterisk-debuginfo~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-festival\", rpm:\"asterisk-festival~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail\", rpm:\"asterisk-voicemail~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-debuginfo\", rpm:\"asterisk-debuginfo~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-zaptel\", rpm:\"asterisk-zaptel~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-plain\", rpm:\"asterisk-voicemail-plain~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-odbc\", rpm:\"asterisk-voicemail-odbc~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail-imap\", rpm:\"asterisk-voicemail-imap~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-voicemail\", rpm:\"asterisk-voicemail~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-tds\", rpm:\"asterisk-tds~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-snmp\", rpm:\"asterisk-snmp~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-skinny\", rpm:\"asterisk-skinny~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-radius\", rpm:\"asterisk-radius~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-postgresql\", rpm:\"asterisk-postgresql~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-oss\", rpm:\"asterisk-oss~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-odbc\", rpm:\"asterisk-odbc~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-mobile\", rpm:\"asterisk-mobile~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-misdn\", rpm:\"asterisk-misdn~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-jabber\", rpm:\"asterisk-jabber~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-firmware\", rpm:\"asterisk-firmware~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-festival\", rpm:\"asterisk-festival~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-fax\", rpm:\"asterisk-fax~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-devel\", rpm:\"asterisk-devel~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-curl\", rpm:\"asterisk-curl~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-conference\", rpm:\"asterisk-conference~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk-alsa\", rpm:\"asterisk-alsa~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.4.17~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "references": [], "description": "## Technical Description\nSuccessful exploitation requires that a dialog has already been established.\n## Solution Description\nUpgrade to version version C.1.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nAsterisk BYE/Also Transfer Method DoS\n## References:\nVendor Specific News/Changelog Entry: http://bugs.digium.com/view.php?id=11637\nVendor Specific News/Changelog Entry: http://downloads.digium.com/pub/security/AST-2008-001.html\nSecurity Tracker: 1019152\n[Secunia Advisory ID:28312](https://secuniaresearch.flexerasoftware.com/advisories/28312/)\n[Secunia Advisory ID:28299](https://secuniaresearch.flexerasoftware.com/advisories/28299/)\nOther Advisory URL: http://downloads.digium.com/pub/security/AST-2008-001.html\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html\nFrSIRT Advisory: ADV-2008-0019\n[CVE-2008-0095](https://vulners.com/cve/CVE-2008-0095)\nBugtraq ID: 27110\n", "edition": 1, "reporter": "Grey VoIP()", "published": "2008-01-03T20:19:16", "title": "Asterisk BYE/Also Transfer Method DoS", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-0095"], "modified": "2008-01-03T20:19:16", "href": "https://vulners.com/osvdb/OSVDB:39841", "id": "OSVDB:39841", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-03T13:33:58", "osvdbidlist": ["39841"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Asterisk 1.x BYE Message Remote Denial of Service Vulnerability. CVE-2008-0095. Dos exploits for multiple platform", "reporter": "greyvoip", "published": "2008-01-02T00:00:00", "type": "exploitdb", "title": "Asterisk 1.x - BYE Message Remote Denial of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0095"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2008-01-02T00:00:00", "id": "EDB-ID:30974", "href": "https://www.exploit-db.com/exploits/30974/", "sourceData": "source: http://www.securityfocus.com/bid/27110/info\r\n\r\nAsterisk is prone to a remote denial-of-service vulnerability.\r\n\r\nExploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users. \r\n\r\nBYE sip:303@10.0.0.15 SIP/2.0\r\nVia: SIP/2.0/UDP 10.0.0.100:7279;branch=z9hG4bK976ed70381c64bc6a5ec25b63f3df402\r\nTo: <sip:303@10.0.0.15>;tag=as664746ba\r\nFrom: <sip:user@10.0.0.15>;tag=0509943750\r\nCall-ID: 11f5ae5ba1e04a25a1184ff158654371\r\nCSeq: 3 BYE\r\nMax-Forwards: 70\r\nAlso: sip:303@10.0.0.15", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/30974/"}], "zdt": [{"lastseen": "2018-03-14T09:18:57", "references": [], "edition": 2, "description": "Exploit for multiple platform in category dos / poc", "reporter": "greyvoip", "published": "2014-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "Asterisk 1.x - BYE Message Remote Denial of Service Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0095"], "modified": "2014-04-09T00:00:00", "id": "1337DAY-ID-22123", "href": "https://0day.today/exploit/description/22123", "sourceData": "source: http://www.securityfocus.com/bid/27110/info\r\n \r\nAsterisk is prone to a remote denial-of-service vulnerability.\r\n \r\nExploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.\r\n \r\nBYE sip:[email\u00a0protected] SIP/2.0\r\nVia: SIP/2.0/UDP 10.0.0.100:7279;branch=z9hG4bK976ed70381c64bc6a5ec25b63f3df402\r\nTo: <sip:[email\u00a0protected]>;tag=as664746ba\r\nFrom: <sip:[email\u00a0protected]>;tag=0509943750\r\nCall-ID: 11f5ae5ba1e04a25a1184ff158654371\r\nCSeq: 3 BYE\r\nMax-Forwards: 70\r\nAlso: sip:[email\u00a0protected]\n\n# 0day.today [2018-03-14] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/22123"}], "nessus": [{"lastseen": "2018-11-21T06:01:26", "references": ["http://www.nessus.org/u?047c3079", "https://downloads.digium.com/pub/security/AST-2008-001.html"], "pluginID": "29847", "description": "Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2008-01-04T00:00:00", "title": "Fedora 7 : asterisk-1.4.17-1.fc7 (2008-0198)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0095"], "modified": "2018-11-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:asterisk-curl", "p-cpe:/a:fedoraproject:fedora:asterisk-mobile", "p-cpe:/a:fedoraproject:fedora:asterisk-fax", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap", "p-cpe:/a:fedoraproject:fedora:asterisk-misdn", "p-cpe:/a:fedoraproject:fedora:asterisk-devel", "p-cpe:/a:fedoraproject:fedora:asterisk-firmware", "cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain", "p-cpe:/a:fedoraproject:fedora:asterisk-tds", "p-cpe:/a:fedoraproject:fedora:asterisk-zaptel", "p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo", "p-cpe:/a:fedoraproject:fedora:asterisk-festival", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-conference", "p-cpe:/a:fedoraproject:fedora:asterisk-skinny", "p-cpe:/a:fedoraproject:fedora:asterisk-snmp", "p-cpe:/a:fedoraproject:fedora:asterisk-jabber", "p-cpe:/a:fedoraproject:fedora:asterisk-radius", "p-cpe:/a:fedoraproject:fedora:asterisk-postgresql", "p-cpe:/a:fedoraproject:fedora:asterisk-odbc", "p-cpe:/a:fedoraproject:fedora:asterisk-alsa", "p-cpe:/a:fedoraproject:fedora:asterisk-voicemail", "p-cpe:/a:fedoraproject:fedora:asterisk", "p-cpe:/a:fedoraproject:fedora:asterisk-oss"], "id": "FEDORA_2008-0198.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29847", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0198.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29847);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2018/11/20 11:04:16\");\n\n script_cve_id(\"CVE-2008-0095\");\n script_xref(name:\"FEDORA\", value:\"2008-0198\");\n\n script_name(english:\"Fedora 7 : asterisk-1.4.17-1.fc7 (2008-0198)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes AST-2008-001. See :\n\nhttp://downloads.digium.com/pub/security/AST-2008-001.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://downloads.digium.com/pub/security/AST-2008-001.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://downloads.digium.com/pub/security/AST-2008-001.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006519.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?047c3079\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-conference\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-fax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-festival\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-jabber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-misdn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-mobile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-skinny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-voicemail-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk-zaptel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-alsa-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-conference-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-curl-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-debuginfo-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-devel-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-fax-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-festival-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-firmware-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-jabber-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-misdn-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-mobile-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-odbc-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-oss-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-postgresql-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-radius-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-skinny-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-snmp-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-tds-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-voicemail-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-voicemail-imap-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-voicemail-odbc-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-voicemail-plain-1.4.17-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"asterisk-zaptel-1.4.17-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk / asterisk-alsa / asterisk-conference / asterisk-curl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
