Search...

Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)

2013-07-12T00:00:00

ID FEDORA_2013-11336.NASL
Type nessus
Reporter Tenable
Modified 2018-11-28T00:00:00

Description

Rebased to version 0.9.0

bugzilla: modify: add --dependson (Don Zickus)

bugzilla: new: add --groups option (Paul Frields)

bugzilla: modify: Allow setting nearly every bug parameter

NovellBugzilla implementation removed, can't get it to work

Gracefully handle private bugs (bz #963979)

Raise error if python-magic is needed (bz #951572)

CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2013-11336.
#

include("compat.inc");

if (description)
{
  script_id(67306);
  script_version("1.6");
  script_cvs_date("Date: 2018/11/28 22:47:44");

  script_cve_id("CVE-2013-2191");
  script_bugtraq_id(60687);
  script_xref(name:"FEDORA", value:"2013-11336");

  script_name(english:"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - Rebased to version 0.9.0

    - bugzilla: modify: add --dependson (Don Zickus)

    - bugzilla: new: add --groups option (Paul Frields)

    - bugzilla: modify: Allow setting nearly every bug
      parameter

    - NovellBugzilla implementation removed, can't get it to
      work

    - Gracefully handle private bugs (bz #963979)

    - Raise error if python-magic is needed (bz #951572)

    - CVE-2013-2191: Add SSL host and cert validation (bz
      #975961, bz #951594)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=951594"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?b0cc9548"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected python-bugzilla package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:python-bugzilla");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/06/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" &gt;!&lt; release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC19", reference:"python-bugzilla-0.9.0-1.fc19")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-bugzilla");
}

JSON Vulners Source

Initial Source

{"id": "FEDORA_2013-11336.NASL", "bulletinFamily": "scanner", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2013-07-12T00:00:00", "modified": "2018-11-28T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "reporter": "Tenable", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "cvelist": ["CVE-2013-2191"], "type": "nessus", "lastseen": "2019-01-16T20:16:21", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-2191"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug parameter\n\n - NovellBugzilla implementation removed, can't get it to work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "a42eb54747250e978e534c33fe568399e1abf6bde4df3be11479e8127af63bf3", "hashmap": [{"hash": "e61a2fa7d238de9413c9a38bd8703799", "key": "references"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d78ed43a170641fc75e2498d26655b57", "key": "cvelist"}, {"hash": "0360d29d9c13da0cd83ac0045b90b82d", "key": "title"}, {"hash": "b20cd1eede25e06c94fd32fb3a53f942", "key": "description"}, {"hash": "7401f535752b023095e38895d0757ecc", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "37d86d246a11feb96ff9459d78021a0b", "key": "pluginID"}, {"hash": "28033c5e0bf0c5f1073dc8996f5a8c76", "key": "modified"}, {"hash": "67b7656b24e7800deb44adccb2cd40d9", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "id": "FEDORA_2013-11336.NASL", "lastseen": "2016-09-26T17:23:47", "modified": "2016-05-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.2", "pluginID": "67306", "published": "2013-07-12T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/09 15:36:32 $\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-bugzilla"], "cvelist": ["CVE-2013-2191"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug parameter\n\n - NovellBugzilla implementation removed, can't get it to work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "658a13cdfd0b189e68ac485e09e3b5d020ff74b9ff427bcfd3697b5d62a289bf", "hashmap": [{"hash": "e61a2fa7d238de9413c9a38bd8703799", "key": "references"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d78ed43a170641fc75e2498d26655b57", "key": "cvelist"}, {"hash": "0360d29d9c13da0cd83ac0045b90b82d", "key": "title"}, {"hash": "b20cd1eede25e06c94fd32fb3a53f942", "key": "description"}, {"hash": "7401f535752b023095e38895d0757ecc", "key": "href"}, {"hash": "027d7577f5dc72838c8e81737b8714b4", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "37d86d246a11feb96ff9459d78021a0b", "key": "pluginID"}, {"hash": "28033c5e0bf0c5f1073dc8996f5a8c76", "key": "modified"}, {"hash": "67b7656b24e7800deb44adccb2cd40d9", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "id": "FEDORA_2013-11336.NASL", "lastseen": "2017-10-29T13:35:26", "modified": "2016-05-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "67306", "published": "2013-07-12T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/09 15:36:32 $\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:35:26"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-bugzilla"], "cvelist": ["CVE-2013-2191"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug parameter\n\n - NovellBugzilla implementation removed, can't get it to work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "658a13cdfd0b189e68ac485e09e3b5d020ff74b9ff427bcfd3697b5d62a289bf", "hashmap": [{"hash": "e61a2fa7d238de9413c9a38bd8703799", "key": "references"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d78ed43a170641fc75e2498d26655b57", "key": "cvelist"}, {"hash": "0360d29d9c13da0cd83ac0045b90b82d", "key": "title"}, {"hash": "b20cd1eede25e06c94fd32fb3a53f942", "key": "description"}, {"hash": "7401f535752b023095e38895d0757ecc", "key": "href"}, {"hash": "027d7577f5dc72838c8e81737b8714b4", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "37d86d246a11feb96ff9459d78021a0b", "key": "pluginID"}, {"hash": "28033c5e0bf0c5f1073dc8996f5a8c76", "key": "modified"}, {"hash": "67b7656b24e7800deb44adccb2cd40d9", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "id": "FEDORA_2013-11336.NASL", "lastseen": "2018-09-01T23:38:09", "modified": "2016-05-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "67306", "published": "2013-07-12T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/09 15:36:32 $\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:38:09"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-bugzilla"], "cvelist": ["CVE-2013-2191"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug parameter\n\n - NovellBugzilla implementation removed, can't get it to work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "f10757de928440d19e27a6ea94b45911913105461f8ae99fca5ad49b3e1cc105", "hashmap": [{"hash": "e61a2fa7d238de9413c9a38bd8703799", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d78ed43a170641fc75e2498d26655b57", "key": "cvelist"}, {"hash": "0360d29d9c13da0cd83ac0045b90b82d", "key": "title"}, {"hash": "b20cd1eede25e06c94fd32fb3a53f942", "key": "description"}, {"hash": "7401f535752b023095e38895d0757ecc", "key": "href"}, {"hash": "027d7577f5dc72838c8e81737b8714b4", "key": "cpe"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "37d86d246a11feb96ff9459d78021a0b", "key": "pluginID"}, {"hash": "28033c5e0bf0c5f1073dc8996f5a8c76", "key": "modified"}, {"hash": "67b7656b24e7800deb44adccb2cd40d9", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "id": "FEDORA_2013-11336.NASL", "lastseen": "2018-08-30T19:34:27", "modified": "2016-05-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "67306", "published": "2013-07-12T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/09 15:36:32 $\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:34:27"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-bugzilla"], "cvelist": ["CVE-2013-2191"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug parameter\n\n - NovellBugzilla implementation removed, can't get it to work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "0b3512d0b61c76618917780a944cb3197dc647a559e41e74536a36e71710f69c", "hashmap": [{"hash": "e61a2fa7d238de9413c9a38bd8703799", "key": "references"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d78ed43a170641fc75e2498d26655b57", "key": "cvelist"}, {"hash": "0360d29d9c13da0cd83ac0045b90b82d", "key": "title"}, {"hash": "b20cd1eede25e06c94fd32fb3a53f942", "key": "description"}, {"hash": "7401f535752b023095e38895d0757ecc", "key": "href"}, {"hash": "027d7577f5dc72838c8e81737b8714b4", "key": "cpe"}, {"hash": "460b12446c99e9f96de9e7fe92f5d167", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "37d86d246a11feb96ff9459d78021a0b", "key": "pluginID"}, {"hash": "9d3b423e814501fbf19abfdbc3808cf2", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67306", "id": "FEDORA_2013-11336.NASL", "lastseen": "2018-11-29T19:21:21", "modified": "2018-11-28T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "67306", "published": "2013-07-12T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=951594", "http://www.nessus.org/u?b0cc9548"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "title": "Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-11-29T19:21:21"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "027d7577f5dc72838c8e81737b8714b4"}, {"key": "cvelist", "hash": "d78ed43a170641fc75e2498d26655b57"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "de956ad4b4b6d11f05d31edafeb5111e"}, {"key": "href", "hash": "7401f535752b023095e38895d0757ecc"}, {"key": "modified", "hash": "460b12446c99e9f96de9e7fe92f5d167"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "37d86d246a11feb96ff9459d78021a0b"}, {"key": "published", "hash": "0db193a0effe2d65dffecdb5e4d9c241"}, {"key": "references", "hash": "e61a2fa7d238de9413c9a38bd8703799"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "9d3b423e814501fbf19abfdbc3808cf2"}, {"key": "title", "hash": "0360d29d9c13da0cd83ac0045b90b82d"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "3cad15510a509685cb262a2f586b1c396ad4d2613442868d0bcda7314142d5b1", "viewCount": 0, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-2191"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310866058", "OPENVAS:866057", "OPENVAS:866058", "OPENVAS:1361412562310866057"]}, {"type": "nessus", "idList": ["FEDORA_2013-11419.NASL", "FEDORA_2013-11397.NASL", "OPENSUSE-2013-562.NASL"]}], "modified": "2019-01-16T20:16:21"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67306);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11336\");\n\n script_name(english:\"Fedora 19 : python-bugzilla-0.9.0-1.fc19 (2013-11336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/110328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0cc9548\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-bugzilla-0.9.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "67306", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-bugzilla"]}

{"cve": [{"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.", "modified": "2018-10-30T12:27:34", "published": "2014-02-07T19:55:06", "id": "CVE-2013-2191", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2191", "title": "CVE-2013-2191", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:16:21", "bulletinFamily": "scanner", "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-28T00:00:00", "published": "2013-07-12T00:00:00", "id": "FEDORA_2013-11397.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67308", "title": "Fedora 17 : python-bugzilla-0.9.0-1.fc17 (2013-11397)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11397.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67308);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11397\");\n\n script_name(english:\"Fedora 17 : python-bugzilla-0.9.0-1.fc17 (2013-11397)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111123.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ddeb5f9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"python-bugzilla-0.9.0-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:16:21", "bulletinFamily": "scanner", "description": "- Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-28T00:00:00", "published": "2013-07-12T00:00:00", "id": "FEDORA_2013-11419.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67311", "title": "Fedora 18 : python-bugzilla-0.9.0-1.fc18 (2013-11419)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-11419.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67311);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n script_xref(name:\"FEDORA\", value:\"2013-11419\");\n\n script_name(english:\"Fedora 18 : python-bugzilla-0.9.0-1.fc18 (2013-11419)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 0.9.0\n\n - bugzilla: modify: add --dependson (Don Zickus)\n\n - bugzilla: new: add --groups option (Paul Frields)\n\n - bugzilla: modify: Allow setting nearly every bug\n parameter\n\n - NovellBugzilla implementation removed, can't get it to\n work\n\n - Gracefully handle private bugs (bz #963979)\n\n - Raise error if python-magic is needed (bz #951572)\n\n - CVE-2013-2191: Add SSL host and cert validation (bz\n #975961, bz #951594)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=951594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111077.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ecdacfaa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"python-bugzilla-0.9.0-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:49", "bulletinFamily": "scanner", "description": "This python-bugzilla update fixes a SSL verification issue.\n\n - CVE-2013-2191 (bnc#825876) - validate SSL certificates\n and hostnames", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "OPENSUSE-2013-562.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75076", "title": "openSUSE Security Update : python-bugzilla (openSUSE-SU-2013:1154-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-562.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75076);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-2191\");\n script_bugtraq_id(60687);\n\n script_name(english:\"openSUSE Security Update : python-bugzilla (openSUSE-SU-2013:1154-1)\");\n script_summary(english:\"Check for the openSUSE-2013-562 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This python-bugzilla update fixes a SSL verification issue.\n\n - CVE-2013-2191 (bnc#825876) - validate SSL certificates\n and hostnames\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-07/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"python-bugzilla-0.6.2-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-bugzilla-0.6.2-8.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-bugzilla\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2018-01-19T15:09:01", "bulletinFamily": "scanner", "description": "Check for the Version of python-bugzilla", "modified": "2018-01-19T00:00:00", "published": "2013-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866057", "id": "OPENVAS:866057", "title": "Fedora Update for python-bugzilla FEDORA-2013-11397", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-bugzilla FEDORA-2013-11397\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"python-bugzilla on Fedora 17\";\ntag_insight = \"python-bugzilla is a python library for interacting with bugzilla instances\n over XML-RPC. This package also includes the 'bugzilla' command-line tool\n for interacting with bugzilla from shell scripts.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866057);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:22 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-2191\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for python-bugzilla FEDORA-2013-11397\");\n\n script_xref(name: \"FEDORA\", value: \"2013-11397\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111123.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of python-bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-bugzilla\", rpm:\"python-bugzilla~0.9.0~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:52:10", "bulletinFamily": "scanner", "description": "Check for the Version of python-bugzilla", "modified": "2017-07-10T00:00:00", "published": "2013-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866058", "id": "OPENVAS:866058", "title": "Fedora Update for python-bugzilla FEDORA-2013-11419", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-bugzilla FEDORA-2013-11419\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"python-bugzilla on Fedora 18\";\ntag_insight = \"python-bugzilla is a python library for interacting with bugzilla instances\n over XML-RPC. This package also includes the 'bugzilla' command-line tool\n for interacting with bugzilla from shell scripts.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866058);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:23 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-2191\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for python-bugzilla FEDORA-2013-11419\");\n\n script_xref(name: \"FEDORA\", value: \"2013-11419\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111077.html\");\n script_summary(\"Check for the Version of python-bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-bugzilla\", rpm:\"python-bugzilla~0.9.0~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:56:09", "bulletinFamily": "scanner", "description": "Check for the Version of python-bugzilla", "modified": "2018-04-06T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:1361412562310866058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866058", "title": "Fedora Update for python-bugzilla FEDORA-2013-11419", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-bugzilla FEDORA-2013-11419\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"python-bugzilla on Fedora 18\";\ntag_insight = \"python-bugzilla is a python library for interacting with bugzilla instances\n over XML-RPC. This package also includes the 'bugzilla' command-line tool\n for interacting with bugzilla from shell scripts.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866058\");\n script_version(\"$Revision: 9372 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:56:37 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:23 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-2191\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for python-bugzilla FEDORA-2013-11419\");\n\n script_xref(name: \"FEDORA\", value: \"2013-11419\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111077.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of python-bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-bugzilla\", rpm:\"python-bugzilla~0.9.0~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:57:45", "bulletinFamily": "scanner", "description": "Check for the Version of python-bugzilla", "modified": "2018-04-06T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:1361412562310866057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866057", "title": "Fedora Update for python-bugzilla FEDORA-2013-11397", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-bugzilla FEDORA-2013-11397\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"python-bugzilla on Fedora 17\";\ntag_insight = \"python-bugzilla is a python library for interacting with bugzilla instances\n over XML-RPC. This package also includes the 'bugzilla' command-line tool\n for interacting with bugzilla from shell scripts.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866057\");\n script_version(\"$Revision: 9353 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:22 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-2191\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for python-bugzilla FEDORA-2013-11397\");\n\n script_xref(name: \"FEDORA\", value: \"2013-11397\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111123.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of python-bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-bugzilla\", rpm:\"python-bugzilla~0.9.0~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}